5 matches found
EUVD-2009-4014
Malware in sbrugna...
DRUPAL-CONTRIB-2023-019
This module provides social media share & follow buttons. The module doesn't sufficiently restrict AddToAny block settings to users who have permission to administer AddToAny. This allows users with lower permission to configure malicious code leading to a Cross Site Scripting XSS vulnerability...
CVE-2009-4043
Cross-site scripting XSS vulnerability in the AddToAny module 5.x before 5.x-2.4 and 6.x before 6.x-2.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via a node title...
CVE-2009-4043
Cross-site scripting XSS vulnerability in the AddToAny module 5.x before 5.x-2.4 and 6.x before 6.x-2.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via a node title...
SA-CONTRIB-2009-100 - AddToAny - Cross Site Scripting
AddToAny module provides a share button for AddToAny service for social networks. The module fails to sanitize a value in node title, leading to a Cross Site Scripting XSS vulnerability. Versions affected AddToAny module for Drupal 6.x prior to AddToAny 6.x-2.4 AddToAny module for Drupal 5.x prio...