DRUPAL-CONTRIB-2020-027

This module enables you to use the current URL path alias and the current page's title to automatically extract the breadcrumb's segments and its respective links then show them as breadcrumbs on your website. The module doesn't sufficiently sanitize editor input in certain circumstances leading ...

SA-CONTRIB-2010-025 - TinyMCE - Cross Site Scripting (XSS)

The TinyMCE module provides a "WYSIWYG" tool for entering rich text into various parts of a site. The TinyMCE module displayed text entered by an admin without filtering that text leading to a Cross Site Scription XSS vulnerability. XSS vulnerabilities may expose site administrative accounts whic...