SA-CONTRIB-2013-057 - TinyBox - Cross Site Scripting (XSS)

TinyBox module uses TinyBox, a lightweight and standalone modal window script. The main purpose of this module is to provide Splash Screen/Window as simple as possible. The module doesn't filter user-supplied text prior to display. The vulnerability is mitigated by the fact that an attacker must...

SA-CONTRIB-2013-055 - Hatch - Cross Site Scripting

Hatch theme is a simple and minimal portfolio theme for photographers, illustrators, designers, or photobloggers. The theme didn't sufficiently escape user supplied text prior to printing them. This vulnerability is mitigated by the fact that an attacker must have a role with the permission...