MidnightBSD

Advisories for getlevelten

CVE-2015-6808 LOW

Cross-site scripting (XSS) vulnerability in the Spotlight module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a node title.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
getlevelten spotlight 7.x-1.1
getlevelten spotlight 7.x-1.2
getlevelten spotlight 7.x-1.x
getlevelten spotlight 7.x-1.4
getlevelten spotlight 7.x-1.0
getlevelten spotlight 7.x-1.3