CVE-2015-4385
The CVE concerns the Drupal Imagefield Info module (7.x-1.x) prior to 7.x-1.2. The issue is an XSS vulnerability in unspecified administration pages caused by inadequate sanitization, allowing remote authenticated users with the Administer image styles permission to inject arbitrary scripts or HT...