CVE-2015-4347

CVE-2015-4347 describes a cross-site scripting (XSS) vulnerability in Drupal’s inLinks Integration module. The issue arises from insufficient sanitization of user input in some path arguments, allowing remote attackers to inject arbitrary web script or HTML. The advisory indicates the vulnerabili...