DRUPAL-CONTRIB-2020-027

This module enables you to use the current URL path alias and the current page's title to automatically extract the breadcrumb's segments and its respective links then show them as breadcrumbs on your website. The module doesn't sufficiently sanitize editor input in certain circumstances leading ...

CVE-2014-4505

Cross-site scripting XSS vulnerability in the Easy Breadcrumb module 7.x-2.x before 7.x-2.10 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-2705

The filtertitles function in the Smart Breadcrumb module 6.x-1.x before 6.x-1.3 for Drupal does not properly convert a title to plain-text, which allows remote authenticated users with create or edit node permissions to conduct cross-site scripting XSS attacks via the title parameter...

CVE-2010-1984

CVE-2010-1984 is a cross-site scripting (XSS) vulnerability in the Drupal Taxonomy Breadcrumb module, affecting 5.x versions before 5.x-1.5 and 6.x before 6.x-1.1. The issue allows remote authenticated users with administer taxonomy permissions to inject arbitrary script/HTML via the taxonomy ter...