EUVD-2015-4399

Malware in sbrugna...

CVE-2015-4376

Cross-site scripting XSS vulnerability in the Profile2 Privacy module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the "Administer Profile2 Privacy Levels" permission to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the Profile2 Privacy module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the "Administer Profile2 Privacy Levels" permission to inject arbitrary web script or HTML via unspecified vectors...

CVE-2015-4376

Cross-site scripting XSS vulnerability in the Profile2 Privacy module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the "Administer Profile2 Privacy Levels" permission to inject arbitrary web script or HTML via unspecified vectors...

CVE-2015-4376

The CVE-2015-4376 entry affects the Drupal Profile2 Privacy module (7.x-1.x) prior to 7.x-1.5. The vulnerability is an XSS flaw due to insufficient sanitization in the module, exploitable by remote authenticated users who have the Administer Profile2 Privacy Levels permission. The vectors are not...

Drupal Profile2 Privacy Module Cross-Site Scripting Vulnerability

Drupal is a developmental CMF Content Management Framework written in the PHP language. A cross-site scripting vulnerability exists in the Drupal Profile2 Privacy module. Because the program fails to properly filter user-supplied text, an attacker can exploit the vulnerability to execute arbitrar...

SA-CONTRIB-2015-080 - Profile2 Privacy - Cross Site Scripting (XSS)

Profile2 Privacy module enables you to show or hide parts of a profile2 entity based on pre-configured field sets with a title and description. The module doesn't sufficiently sanitize user supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is...