4 matches found
CVE-2015-3347
Cross-site request forgery CSRF vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims via an unknown menu callback...
CVE-2015-3348
Cross-site scripting XSS vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...
CVE-2015-3348
CVE-2015-3348 concerns the Cloudwords for Multilingual Drupal module (Drupal 7.x) prior to 7.x-2.3. The vulnerability is an XSS flaw where remote authenticated users can inject arbitrary script/HTML via a node title due to insufficient sanitization. Affected software: Cloudwords for Multilingual ...
CVE-2015-3347
Cross-site request forgery CSRF vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims via an unknown menu callback...