Vulnerabilities > Entitybulkdelete Project > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-06-15 | CVE-2015-4386 | Cross-site Scripting vulnerability in Entitybulkdelete Project Entitybulkdelete 7.X1.0 Multiple cross-site scripting (XSS) vulnerabilities in unspecified administration pages in the EntityBulkDelete module 7.x-1.0 for Drupal allow remote attackers to inject arbitrary web script or HTML via unknown vectors involving creating or editing (1) comments, (2) taxonomy terms, or (3) nodes. | 4.3 |