RSS   Vulnerabilities for 'Cloudwords for multilingual'   RSS

2015-04-21
 
CVE-2015-3348

 

 
Cross-site scripting (XSS) vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.

 
 
CVE-2015-3347

 

 
Cross-site request forgery (CSRF) vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims via an unknown menu callback.

 


Copyright 2019, cxsecurity.com

 

Back to Top