SA-CONTRIB-2015-056 - inLinks Integration - Cross Site Scripting (XSS) - Unsupported
inLinks Integration module enables you to use inLinks product from Text Link Ads third-party service. The module doesn't sufficiently sanitize user input in some path arguments, thereby exposing a Cross Site Scripting vulnerability. CVE identifiers issued CVE-2015-4347 Versions affected All...