DIE ZEIT E-Paper App - Customized SSL, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application DIE ZEIT E-Paper App published at the 'play' market has multiple vulnerabilities...

SA-2008-006 - Drupal core - Cross site scripting (UTF8)

When outputting plaintext Drupal strips potentially dangerous HTML tags and attributes from HTML, and escapes characters which have a special meaning in HTML. This output filtering secures the site against cross site scripting attacks via user input. Certain byte sequences that are invalid in the...

SA-2007-029 - Drupal core - User deletion cross site request forgery

The Drupal Forms API protects against cross site request forgeries CSRF, where a malicous site can cause a user to unintentionally submit a form to a site where he is authenticated. The user deletion form does not follow the standard Forms API submission model and is therefore not protected again...