Vulnerabilities > Time Tracker Project > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-08-31 | CVE-2015-6751 | Cross-site Scripting vulnerability in Time Tracker Project Time Tracker Multiple cross-site scripting (XSS) vulnerabilities in the Time Tracker module 7.x-1.x before 7.x-1.4 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via a (1) note added to a time entry or an (2) activity used to categorize time tracker entries. | 3.5 |