CVE-2015-3384
CVE-2015-3384 is a Cross-Site Scripting (XSS) vulnerability in the Drupal Commerce Balanced Payments module, specifically affecting the Bank Account Listing Page. The root cause is insufficient sanitization of user-supplied text in that page, enabling remote authenticated users to inject arbitrar...