MidnightBSD

Advisories for petition_project

CVE-2015-4377 LOW

Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Petition module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users with the "create petition" permission to inject arbitrary web script or HTML via unknown vectors.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
petition_project petition 6.x-1.2
petition_project petition 6.x-1.0
petition_project petition 6.x-1.1