CVE-2015-4388

CVE-2015-4388 affects Drupal’s contributed Current Search Links module (7.x-1.x) before 7.x-1.1. The vulnerability arises when the option "Append the keywords passed by the user to the list" is disabled, leaving the module unable to adequately sanitize the user’s search query. This allows remote ...