5 matches found
EUVD-2012-2076
Malware in sbrugna...
CVE-2012-2070
Cross-site scripting XSS vulnerability in the MultiBlock module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the administer blocks permission to inject arbitrary web script or HTML via the block title...
Cross site scripting
Cross-site scripting XSS vulnerability in the MultiBlock module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the administer blocks permission to inject arbitrary web script or HTML via the block title...
CVE-2012-2070
Cross-site scripting XSS vulnerability in the MultiBlock module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the administer blocks permission to inject arbitrary web script or HTML via the block title...
CVE-2012-2070
The CVE-2012-2070 issue affects the Drupal MultiBlock module (versions 6.x-1.x prior to 6.x-1.4 and 7.x-1.x prior to 7.x-1.1). The root cause is insufficient sanitization of the block title, allowing an authenticated user with the administer blocks permission to inject arbitrary web script or HTM...