CVE-2015-4358

Name of the Vulnerable Software and Affected Versions Ubercart Discount Coupons module versions 6.x-1.x before 6.x-1.8

Description The issue is related to a cross-site scripting (XSS) vulnerability in administration pages of the Ubercart Discount Coupons module for Drupal. This vulnerability allows remote authenticated users with specific permissions to inject arbitrary web script or HTML, particularly through vectors related to taxonomy terms.

Recommendations For Ubercart Discount Coupons module versions 6.x-1.x before 6.x-1.8, update to version 6.x-1.8 or later to resolve the issue.