LiveActive security incident?Get immediate response
CVE archive

August 2015

Browse CVE records published in August 2015, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 876 matching CVEs · Page 2 of 18.

Unknown · CVSS Not scored

CVE-2015-6752: Cross-site scripting (XSS) vulnerability in the Search API Autocomplete module 7.x-1.x before 7.x-1.3 for D...

Cross-site scripting (XSS) vulnerability in the Search API Autocomplete module 7.x-1.x before 7.x-1.3 for Drupal, when the search index is configured to use the HTML filter processor, allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in the returned suggestions.

Published Aug 31, 2015 · Updated Sep 16, 2024