MidnightBSD

Advisories for stickynote_project

CVE-2015-7879 LOW

Cross-site scripting (XSS) vulnerability in the Stickynote module 7.x before 7.x-1.3 for Drupal allows remote authenticated users with permission to create or edit a stickynote to inject arbitrary web script or HTML via note text on the admin listing page.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
stickynote_project stickynote 7.x-1.1
stickynote_project stickynote 7.x-1.2
stickynote_project stickynote 7.x-1.0
stickynote_project stickynote 7.x-1.x-dev