CVE-2015-4377 in Petition Module
Tóm tắt
Bởi MITRE
Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Petition module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users with the "create petition" permission to inject arbitrary web script or HTML via unknown vectors.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.