MidnightBSD

Advisories for ubercart_discount_coupons_project

CVE-2015-4358 LOW

Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Ubercart Discount Coupons module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to taxonomy terms.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
ubercart_discount_coupons_project ubercart_discount_coupons 6.x-1.5
ubercart_discount_coupons_project ubercart_discount_coupons 6.x-1.1
ubercart_discount_coupons_project ubercart_discount_coupons 6.x-1.2
ubercart_discount_coupons_project ubercart_discount_coupons 6.x-1.6
ubercart_discount_coupons_project ubercart_discount_coupons 6.x-1.7
ubercart_discount_coupons_project ubercart_discount_coupons 6.x-1.4
ubercart_discount_coupons_project ubercart_discount_coupons 6.x-1.0
ubercart_discount_coupons_project ubercart_discount_coupons 6.x-1.3