Vulnerabilities > Thinkshout

DATE	CVE	VULNERABILITY TITLE	RISK
2015-08-18	CVE-2015-5488	Cross-site Scripting vulnerability in Thinkshout Mailchimp 7.X3.0/7.X3.1/7.X3.2 Cross-site scripting (XSS) vulnerability in the MailChimp Signup submodule in the MailChimp module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "administer mailchimp" permission to inject arbitrary web script or HTML via unspecified vectors. network high complexity thinkshout CWE-79	2.1
2012-12-03	CVE-2012-5551	Cross-Site Scripting vulnerability in Thinkshout Mailchimp Multiple cross-site scripting (XSS) vulnerabilities in the MailChimp module 7.x-2.x before 7.x-2.7 for Drupal allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) a predictable "webhook URL key" and (2) improper sanitization of "Webhook variables from POST requests." network thinkshout drupal CWE-79	4.3
2012-12-03	CVE-2012-5544	Information Exposure vulnerability in Thinkshout Mandrill 7.X1.0/7.X1.1/7.X1.X The Mandrill module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users to obtain password reset links by reading the logs in the Mandrill dashboard. network low complexity thinkshout drupal CWE-200	4.0

Vulnerabilities > Thinkshout {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Thinkshout"}]}