RSS   Vulnerabilities for 'Time tracker'   RSS

2015-08-31
 
CVE-2015-6751

 

 
Multiple cross-site scripting (XSS) vulnerabilities in the Time Tracker module 7.x-1.x before 7.x-1.4 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via a (1) note added to a time entry or an (2) activity used to categorize time tracker entries.

 


Copyright 2024, cxsecurity.com

 

Back to Top