EUVD-2012-5433

Malware in sbrugna...

CVE-2012-5541

Cross-site scripting XSS vulnerability in the Twitter Pull module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.0-rc3 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "data coming from Twitter."...

CVE-2012-5541

Cross-site scripting XSS vulnerability in the Twitter Pull module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.0-rc3 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "data coming from Twitter."...

Cross site scripting

Cross-site scripting XSS vulnerability in the Twitter Pull module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.0-rc3 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "data coming from Twitter."...

CVE-2012-5541

The CVE-2012-5541 issue affects the Drupal Twitter Pull module (6.x-1.x and 7.x-1.x branches). The underlying vulnerability stems from insufficient filtering of data coming from Twitter, enabling XSS via unspecified vectors. Affected versions are Twitter Pull 6.x-1.x prior to 6.x-1.3 and 7.x-1.x ...

CVE-2012-5541

Cross-site scripting XSS vulnerability in the Twitter Pull module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.0-rc3 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "data coming from Twitter."...

SA-CONTRIB-2012-150 - Twitter Pull - Cross Site Scripting (XSS)

Twitter Pull allows you to retrieve tweets from Twitter based on a user or search and display them on your site. It also includes integration with the boxes module to allow for simple placement of twitter feeds on various pages. The module doesn't sufficiently filter the data coming from Twitter...