SA-CONTRIB-2011-039 - Bot Alarm - Multiple vulnerabilities

This module enables you to set alarms for your IRC bot. The module does not properly escape the message and channels of alarms in pages listing the alarms, leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with the...

SA-CONTRIB-2010-087 - GovDelivery - Cross site scripting

The GovDelivery module provides integration with the GovDelivery On-Demand Mailer service, a web service for GovDelivery customers that sends messages directly based on configured account information. The module replaces the backend of SMTP library in your Drupal site with calls to the GovDeliver...