2 matches found
SA-CONTRIB-2011-046 - Echo - Multiple Vulnerabilities
The Echo module generates a fully-themed Drupal page, returning the rendered page as a text string and allowing other modules to style an HTML message as if it had been generated by the live website. The module does not properly sanitize user-supplied content, resulting in a Cross-Site Scripting...
SA-CONTRIB-2010-093 - Advanced Taxonomy Blocks - Multiple Vulnerabilities
Advanced Taxonomy Blocks makes use of the JQuery menu module to create extremely customizable blocks for browsing through single hierarchy taxonomies. The module contained Cross Site Scripting vulnerabilities which could allow a malicious user with one of several non-default permissions to inject...