2 matches found
CVE-2012-2154
CVE-2012-2154 corresponds to a cross-site scripting (XSS) vulnerability in the CDN2 Video module 6.x for Drupal. The vulnerability arises from the module not sanitizing output, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors. According to the DRUPAL-SA-CON...
CVE-2012-2155
CVE-2012-2155: CSRF vulnerability in the CDN2 Video module 6.x for Drupal. The issue allows remote attackers to hijack the authentication of unspecified victims via unknown vectors due to CSRF in the module’s Form API behavior. Affected software is the Drupal CDN2 Video contributed module (versio...