EUVD-2014-9317

Malware in sbrugna...

CVE-2014-9500

Cross-site scripting XSS vulnerability in the Moip module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the notification page callback...

Cross site scripting

Cross-site scripting XSS vulnerability in the Moip module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the notification page callback...

CVE-2014-9500

Cross-site scripting XSS vulnerability in the Moip module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the notification page callback...

CVE-2014-9500

CVE-2014-9500 affects the Moip module for Drupal 7.x (versions prior to 7.x-1.4). The vulnerability is a cross-site scripting (XSS) flaw caused by insufficient filtering of data in automatic notifications, allowing remote attackers to inject arbitrary script or HTML via the notification page call...

SA-CONTRIB-2014-122 - MoIP - Cross Site Scripting (XSS)

This module enables you to use Moip a Brazilian payment method with Drupal Commerce. The module doesn't sufficiently filter the data passed by the automatic notifications, leaving the possibility for a malicious user to insert Cross Site Scripting xss attacks. This vulnerability is mitigated by t...