2 matches found
Panels - Critical - Multiple Vulnerabilities - SA-CONTRIB-2016-047
Panels does not check access on some routes Critical Panels allows users with certain permissions to modify the layout and panel panes on pages or entities utilizing panels. Much of the functionality to modify these panels rely on backend routes that call administrative forms. These forms did not...
Fieldable Panels Panes - Moderately Critical - XSS - SA-CONTRIB-2016-025
This module enables you to create fieldable entities that have special integration with Panels. The module doesn't sufficiently filter the entity title or admin title fields when they are displayed in either the Panels admin UI or the In-Place Editor IPE, allowing for specially crafted XSS attack...