3 matches found
CVE-2015-4385
Cross-site scripting XSS vulnerability in unspecified administration pages in the Imagefield Info module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "Administer image styles" permission to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-4385
Cross-site scripting XSS vulnerability in unspecified administration pages in the Imagefield Info module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "Administer image styles" permission to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-4385
The CVE concerns the Drupal Imagefield Info module (7.x-1.x) prior to 7.x-1.2. The issue is an XSS vulnerability in unspecified administration pages caused by inadequate sanitization, allowing remote authenticated users with the Administer image styles permission to inject arbitrary scripts or HT...