Filtered by vendor Thinkshout Subscriptions
Filtered by product Mailchimp Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2015-5488 1 Thinkshout 1 Mailchimp 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in the MailChimp Signup submodule in the MailChimp module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "administer mailchimp" permission to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-5551 2 Drupal, Thinkshout 2 Drupal, Mailchimp 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the MailChimp module 7.x-2.x before 7.x-2.7 for Drupal allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) a predictable "webhook URL key" and (2) improper sanitization of "Webhook variables from POST requests."