Skip to main content
CVE-2015-4356 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the view-based webform results table in the Webform module 7.x-4.x before 7.x-4.4 for Drupal allows remote authenticated users with certain permissions to. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Webform
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-4354 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Ubercart Webform Integration module before 6.x-1.8 and 7.x before 7.x-2.4 for Drupal allows remote authenticated users with certain permissions to. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Ubercart Webform Integration
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-4395 LOW Monitor

The HybridAuth Social Login module 7.x-2.x before 7.x-2.10 for Drupal stores passwords in plaintext when the "Ask user for a password when registering" option is enabled, which allows remote. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Hybridauth Social Login
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-4384 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Ubercart Webform Checkout Pane module 6.x-3.x before 6.x-3.10 and 7.x-3.x before 7.x-3.11 for Drupal allows remote authenticated users with certain. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Ubercart Webform Checkout Pane
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-4366 LOW Monitor

Cross-site scripting (XSS) vulnerability in the Mover module 6.x-1.0 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS Mover
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-4365 LOW Monitor

Cross-site scripting (XSS) vulnerability in the Taxonomy Accordion module for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS Taxonomy Accordion
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-4380 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Linear Case module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Linear Case
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-4373 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the OG tabs module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Og Tabs
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-4372 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Image Title module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Image Title
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-4370 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Site Documentation module before 6.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Site Documentation
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-4358 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Ubercart Discount Coupons module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with certain. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Ubercart Discount Coupons
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-4387 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Password Policy module 6.x-1.x before 6.x-1.11 and 7.x-1.x before 7.x-1.11 for Drupal, when a site has a policy. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable.

XSS Password Policy
NVD
CVSS 2.0
2.6
EPSS
0.3%
CVE-2015-4388 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Current Search Links module 7.x-1.x before 7.x-1.1 for Drupal, when the "Append the keywords passed by the user to the list" option is disabled, allows. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable.

XSS Current Search Links
NVD
CVSS 2.0
2.6
EPSS
0.3%
CVE-2015-4346 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the SMS Framework module 6.x-1.x before 6.x-1.1 for Drupal, when the "Send to phone" submodule is enabled, allows remote attackers to inject arbitrary web. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable.

XSS Sms Framework
NVD
CVSS 2.0
2.6
EPSS
0.3%
CVE-2015-4378 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Crumbs module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with the "Administer Crumbs" permission to inject arbitrary web. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Crumbs
NVD
CVSS 2.0
2.1
EPSS
0.2%
CVE-2015-4377 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Petition module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users with the "create petition". Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Petition
NVD
CVSS 2.0
2.1
EPSS
0.2%
CVE-2015-4385 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Imagefield Info module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "Administer. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Imagefield Info
NVD
CVSS 2.0
2.1
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy