3 matches found
CVE-2015-6754
Cross-site scripting XSS vulnerability in the administration interface in the Path Breadcrumbs module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "Administer Path Breadcrumbs" permission to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-6754
CVE-2015-6754 affects the Drupal Path Breadcrumbs module (7.x-3.x) prior to 7.x-3.3. The root cause is insufficient input filtering in the module’s administration interface, enabling remote authenticated users with the Administer Path Breadcrumbs permission to inject arbitrary web script or HTML....
Path Breadcrumbs - Less Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-133
This module enables you to configure breadcrumbs for any Drupal page. The module didn't sufficiently filter user input values the in administration interface. This vulnerability was mitigated by the fact that an attacker must have a role with the permission "Administer Path Breadcrumbs". CVE...