2 matches found
CVE-2015-4373
Cross-site scripting XSS vulnerability in the OG tabs module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to nodes posted in an Organic Groups group...
CVE-2015-4373
Summary: CVE-2015-4373 is a cross-site scripting (XSS) vulnerability in the OG Tabs contributed module for Drupal 7.x, affecting versions prior to 7.x-1.1. Affected component: OG Tabs module (Drupal 7.x). Root cause / vulnerability detail: Module does not sufficiently sanitize user-supplied text ...