CVE-2012-2072

Cross-site scripting XSS vulnerability in the Share Buttons AddToAny module 6.x-3.x before 6.x-3.4 for Drupal allows remote authenticated users with the administer addtoany permission to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-2072

Cross-site scripting XSS vulnerability in the Share Buttons AddToAny module 6.x-3.x before 6.x-3.4 for Drupal allows remote authenticated users with the administer addtoany permission to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-2072

The CVE-2012-2072 issue affects the Drupal Share Buttons (AddToAny) module (6.x-3.x series) prior to version 6.x-3.4. The root cause is improper sanitization of user-provided data, enabling cross-site scripting (XSS) by remote authenticated users who have the administer addtoany permission. Impac...

SA-CONTRIB-2012-045 - AddToAny - Cross Site Scripting

CVE: CVE-2012-2072 This module enables you to add Lockerz/AddToAny's universal sharing buttons to your site. Previously, the module did not sanitize some of the user-supplied data before displaying it, leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fac...