CVE-2015-3353

Cross-site scripting (XSS) vulnerability in the Field Display Label module before 7.x-1.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via the alternate field label in content types settings.
Configurations

Configuration 1 (hide)

cpe:2.3:a:field_display_label_project:field_display_label:*:*:*:*:*:drupal:*:*

History

No history.

Information

Published : 2015-04-21 16:59

Updated : 2024-02-28 12:20


NVD link : CVE-2015-3353

Mitre link : CVE-2015-3353

CVE.ORG link : CVE-2015-3353


JSON object : View

Products Affected

field_display_label_project

  • field_display_label
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')