EUVD-2015-4396

Malware in sbrugna...

CVE-2015-4373

Cross-site scripting XSS vulnerability in the OG tabs module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to nodes posted in an Organic Groups group...

CVE-2015-4373

Cross-site scripting XSS vulnerability in the OG tabs module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to nodes posted in an Organic Groups group...

CVE-2015-4373

Summary: CVE-2015-4373 is a cross-site scripting (XSS) vulnerability in the OG Tabs contributed module for Drupal 7.x, affecting versions prior to 7.x-1.1. Affected component: OG Tabs module (Drupal 7.x). Root cause / vulnerability detail: Module does not sufficiently sanitize user-supplied text ...

Multiple cross-site scripting vulnerabilities in Drupal OG tabs module

Drupal is a developmental CMF Content Management Framework written in the PHP language. Multiple cross-site scripting vulnerabilities exist in the Drupal OG tabs module. Because the application fails to properly filter user-supplied input, an attacker could exploit the vulnerabilities to execute...

SA-CONTRIB-2015-077 - OG tabs - Cross Site Scripting (XSS)

OG Tabs modules provides a secondary menu with links to nodes of the same OG group. The module doesn't sufficiently sanitize user supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have permission t...