3 matches found
CVE-2014-4505
Cross-site scripting XSS vulnerability in the Easy Breadcrumb module 7.x-2.x before 7.x-2.10 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-4505
The CVE-2014-4505 entry applies to the Drupal contributed module Easy Breadcrumb (7.x-2.x) prior to 7.x-2.10. Root cause: the module does not properly sanitize user-supplied values, enabling cross-site scripting (XSS). Impact: remote attackers could inject arbitrary script/HTML via unspecified ve...
SA-CONTRIB-2014-063 - Easy Breadcrumb - Cross Site Scripting (XSS)
The Easy Breadcrumb module generates breadcrumbs from path aliases. This module does not properly sanitize user-supplied values creating a Cross Site Scripting XSS vulnerability. CVE identifiers issued CVE-2014-4505 Versions affected Easy breadcrumbs 7.x-2.x versions prior to 7.x-2.10. Drupal cor...