EUVD-2015-3431

Malware in sbrugna...

CVE-2015-3386

Cross-site scripting XSS vulnerability in the Node Access Product module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...

Cross site scripting

Cross-site scripting XSS vulnerability in the Node Access Product module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...

CVE-2015-3386

Cross-site scripting XSS vulnerability in the Node Access Product module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...

CVE-2015-3386

CVE-2015-3386 is an XSS vulnerability in the Node Access Product module for Drupal. It allows remote authenticated users to inject arbitrary script/HTML via a node title. Affected: all versions of the Node Access Product module. Root cause: insufficient sanitization of node titles. Impact: potent...

Drupal Node Access Product Module Cross-Site Scripting Vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Node Access Product is one of the node access modules. A cross-site scripting vulnerability exists in the Drupal Node Access Product module, which stems from the program's failure to...

SA-CONTRIB-2015-045 - Node Access Product - Cross Site Scripting (XSS) - Unsupported

The Node Access Product module provides 'Node access' settings for product nodes, whereby users who purchase the product are granted view access to content, which can be predefined either by taxonomy, by node, or by Views. The module doesn't sufficiently sanitize node titles leading to the...