EUVD-2015-3416

Malware in sbrugna...

EUVD-2015-3415

Malware in sbrugna...

EUVD-2015-3417

Malware in sbrugna...

Drupal Node Invite Module Open Redirect Vulnerability

Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community.Node Invite is one of the modules that is similar to RSVP sending invitations via email. An open redirection vulnerability exists in the Drupal Node Invite module versions prior to...

CVE-2015-3372

Cross-site scripting XSS vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote attackers to hijack the authentication of users with the "nodeinvitecanmanageinvite" permission for requests that re-enable node invitations via unspecified vectors...

CVE-2015-3372

The Drupal Node Invite module (6.x) is vulnerable prior to 6.x-2.5: an XSS flaw allows remote authenticated users to inject script/HTML via a node title. Additional issues include CSRF exposure and an open redirect vulnerability. Affected versions: Node Invite 6.x-2.x before 6.x-2.5; Drupal core ...

CVE-2015-3372

Cross-site scripting XSS vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...