SA-CONTRIB-2012-010 - stickynote - Multiple vulnerabilities
CVE: CVE-2012-1636 This module enables you to add textual notes in a block to perform quality assurance of your site. Previously it did not sufficiently protect against Cross Site Scripting XSS or Cross Site Request Forgery CSRF. This vulnerability is mitigated by the fact that an attacker must...