Unrated severityNVD Advisory· Published Apr 21, 2015· Updated Jun 17, 2026
CVE-2015-3359
CVE-2015-3359
Description
Multiple cross-site scripting (XSS) vulnerabilities in the Room Reservations module before 7.x-1.1 for Drupal allow remote authenticated users with the "Administer the room reservations system" permission to inject arbitrary web script or HTML via the (1) node title of a "Room Reservations Category" or (2) body of a "Room Reservations Room" node.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:room_reservations_project:room_reservations:*:*:*:*:*:drupal:*:*Range: <=7.x-1.0
- Range: <7.x-1.1
Patches
Vulnerability mechanics
References
4- www.drupal.org/node/2406827nvdPatch
- www.drupal.org/node/2407329nvdPatchVendor Advisory
- www.openwall.com/lists/oss-security/2015/01/29/6nvd
- www.securityfocus.com/bid/72112nvd
News mentions
0No linked articles in our index yet.