Drupal Inline Entity Form Module Cross Site Scripting Vulnerability

Bugtraq ID: 75283
Class: Input Validation Error
CVE: CVE-2015-5507
Remote: Yes
Local: No
Published: Jun 17 2015 12:00AM
Updated: Nov 03 2015 07:04PM
Credit: Matt Vance, provisional member of the Drupal Security Team
Vulnerable: Drupal Inline Entity Form 7.x-1.5
Drupal Inline Entity Form 7.x-1.4
Drupal Inline Entity Form 7.x-1.3
Drupal Inline Entity Form 7.x-1.2
Drupal Inline Entity Form 7.x-1.1
Drupal Inline Entity Form 7.x-1.0
Not Vulnerable: Drupal Inline Entity Form 7.x-1.6


 

Privacy Statement
Copyright 2010, SecurityFocus