CVE-2015-6921

https://notcve.org/view.php?id=CVE-2015-6921

Cross-site scripting (XSS) vulnerability in the Zendesk Feedback Tab module 7.x-1.x before 7.x-1.1 for Drupal allows remote administrators with the "Configure Zendesk Feedback Tab" permission to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en el módulo Zendesk Feedback Tab 7.x-1.x en versiones anteriores a 7.x-1.1 para Drupal, permite a administradores remotos con el permiso 'Configure Zendesk Feedback Tab' inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • https://www.drupal.org/node/2561887 https://www.drupal.org/node/2561893 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •