NuytsTech Security

CVE-2015-4356

by ·

Cross-site scripting (XSS) vulnerability in the view-based webform results table in the Webform module 7.x-4.x before 7.x-4.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a webform.

Date published : 2015-06-15

http://www.securityfocus.com/bid/72993

https://www.drupal.org/node/2445297

Tags: