5 matches found
EUVD-2010-2068
Malware in sbrugna...
SA-CONTRIB-2012-137 - Heartbeat - Cross Site Request Forgery (CSRF) in heartbeat_comments
This module enables you to display activity for events on a site. The sub-modules heartbeatcomments and shouts don't sufficiently check the heartbeat comment post values making it possible for an attacker to cause a user to unknowingly make comments. CVE: Requested Versions affected...
CVE-2010-2048
Multiple cross-site scripting XSS vulnerabilities in the Heartbeat module 6.x before 6.x-4.9 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Heartbeat module 6.x before 6.x-4.9 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-2048
Multiple cross-site scripting XSS vulnerabilities in the Heartbeat module 6.x before 6.x-4.9 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...