CVE-2015-4392
CVE-2015-4392 describes an XSS vulnerability in the Drupal Display Suite module for version 7.x-2.7. The issue allows remote authenticated users to inject arbitrary script/HTML via field display settings. The root cause is improper sanitization in Display Suite 7.x-2.7. Mitigation: upgrade to Dis...