MidnightBSD

Advisories for imagefield_info_project

CVE-2015-4385 LOW

Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Imagefield Info module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "Administer image styles" permission to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
imagefield_info_project imagefield_info 7.x-1.x-dev
imagefield_info_project imagefield_info 7.x-1.0
imagefield_info_project imagefield_info 7.x-1.1