Vulnerabilities > Stickynote Project > Stickynote > 7.x.1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-11 | CVE-2015-7879 | Cross-site Scripting vulnerability in Stickynote Project Stickynote Cross-site scripting (XSS) vulnerability in the Stickynote module 7.x before 7.x-1.3 for Drupal allows remote authenticated users with permission to create or edit a stickynote to inject arbitrary web script or HTML via note text on the admin listing page. | 3.5 |