CVE-2012-1637

Cross-site scripting vulnerability XSS in the Quick Tabs module 6.x-2.x before 6.x-2.1, 6.x-3.x before 6.x-3.1, and 7.x-3.x before 7.x-3.3 for Drupal...

SA-CONTRIB-2012-174 - Context - Information Disclosure

Context has functionality that renders block content for use with its inline editor. When these requests are made the context module does not sufficiently ensure that users have access to the block. A malicious user could send a specially crafted request and get access to block content they shoul...