CVE-2015-4387
The CVE-2015-4387 vulnerability affects the Drupal Password Policy module (6.x-1.x before 6.x-1.11 and 7.x-1.x before 7.x-1.11). The root cause is inadequate sanitization in certain administration pages when a policy uses the username constraint, allowing a crafted username imported from an exter...