2 matches found
CVE-2015-2101
Cross-site scripting XSS vulnerability in the Navigate bar in the Navigate module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-2101
The CVE-2015-2101 entry concerns the Drupal Navigate module (6.x-1.x prior to 6.x-1.1; 7.x-1.x prior to 7.x-1.1). The underlying issue is insufficient sanitization of user input in the Navigate bar, leading to a Cross-Site Scripting (XSS) vulnerability that could allow remote attackers to inject ...