3 matches found
SA-CONTRIB-2012-166 - Table of Contents - Access Bypass
This module enables you to generates a list of select header tags in a box that looks like a table of contents or summary. The links added to that box point to the headers so users can quickly access each section of your documents. The module doesn't sufficiently check for node access restriction...
SA-CONTRIB-2012-159 - Password policy - Information leakage of hashed passwords
This module provides a way to specify a certain level of password complexity aka. "password hardening" for user passwords on a system by defining a password policy. The Password policy module allows administrators to request users to enter a new password that does not match any of the previous X...
SA-CONTRIB-2009-085 - Insert Node - Cross Site Scripting
The Insert Node module provides an input filter that enables a node to be inserted within the body field of another node. The module fails to sanitize the inserted node, making it vulnerable to a cross site scripting XSS attack. Versions affected Insert Node module versions for Drupal 5.x prior t...