Multiple vulnerabilities in Drupal Dropbox client module

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Dropbox client is one of the modules used by Drupal users to interact with the Dropbox API. Cross-site scripting vulnerabilities and security bypass vulnerabilities in versions 7.x-3.x ...

Dropbox client - Multiple Vulnerabilities - SA-CONTRIB-2016-027

This module enables you to view dropbox files in your Drupal site. The module doesn't sufficiently sanitize filenames when displaying them to users or administrators leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must be able to...