2 matches found
CVE-2012-1634
The CVE-2012-1634 issue affects the Drupal Video Filter module (versions 6.x-2.x and 7.x-2.x). Root cause: XSS due to lack of sanitization of Blip.tv data embedded by the video_filter.codecs.inc component. Impact: remote attackers can inject arbitrary web script or HTML via the EMBEDLOOKUP parame...
SA-CONTRIB-2012-008 - Video Filter - Cross Site Scripting
CVE: CVE-2012-1634 The Video Filter module lets you display videos from various third party sources. When videos from Blip.tv are shown, the module fails to sanitize source data before display. This vulnerability is mitigated by the fact that the attacker has to be able to either control the sour...