Cross-Site Scripting Vulnerability in Drupal Commerce Balanced Payments Module
CVE-2015-3384

Currently unrated

Key Information:

Vendor

Commerce Balanced Payments Project

Status
Commerce Balanced Payments
Vendor
CVE Published:
21 April 2015

What is CVE-2015-3384?

A cross-site scripting vulnerability exists in the Bank Account Listing Page of the Commerce Balanced Payments module for Drupal. This flaw allows remote authenticated users to inject arbitrary web scripts or HTML due to unspecified vectors, potentially compromising the integrity of the application and exposing users to malicious content.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/72615
vdb-entryx_refsource_BID
https://www.drupal.org/node/2424435
x_refsource_MISC
http://www.openwall.com/lists/oss-security/2015/02/13/12
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.