EUVD-2015-4408

Malware in sbrugna...

CVE-2015-4385

Cross-site scripting XSS vulnerability in unspecified administration pages in the Imagefield Info module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "Administer image styles" permission to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in unspecified administration pages in the Imagefield Info module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "Administer image styles" permission to inject arbitrary web script or HTML via unspecified vectors...

CVE-2015-4385

The CVE concerns the Drupal Imagefield Info module (7.x-1.x) prior to 7.x-1.2. The issue is an XSS vulnerability in unspecified administration pages caused by inadequate sanitization, allowing remote authenticated users with the Administer image styles permission to inject arbitrary scripts or HT...

CVE-2015-4385

Cross-site scripting XSS vulnerability in unspecified administration pages in the Imagefield Info module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "Administer image styles" permission to inject arbitrary web script or HTML via unspecified vectors...

Drupal Imagefield Info Module Cross-Site Scripting Vulnerability

Drupal is a free and open source content management system developed in PHP. A cross-site scripting vulnerability exists in Drupal Imagefield Info, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to obtain sensitive information...

Imagefield Info - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-088

Imagefield Info module enables you to view image field paths so you can easily use them with a WYSIWYG editor. The module doesn't sufficiently sanitize user supplied text in some administration pages, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fa...