CVE-2015-6808

Cross-site scripting XSS vulnerability in the Spotlight module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a node title...

Drupal Spotlight Module Cross-Site Scripting Vulnerability

Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. A cross-site scripting vulnerability exists in the Drupal Spotlight module versions 7.x-1.5 prior to 7.x-1.x, which can be exploited by a remote attacker with specific...