CVE-2012-2705
The CVE-2012-2705 entry concerns the Drupal Smart Breadcrumb module (6.x-1.x) prior to 6.x-1.3. The root cause is that filter_titles() fails to properly filter user-supplied titles to plain-text, enabling cross-site scripting (XSS) by remote authenticated users who have create or edit node permis...