2 matches found
CVE-2015-6754
CVE-2015-6754 affects the Drupal Path Breadcrumbs module (7.x-3.x) prior to 7.x-3.3. The root cause is insufficient input filtering in the module’s administration interface, enabling remote authenticated users with the Administer Path Breadcrumbs permission to inject arbitrary web script or HTML....
CVE-2015-3391
CVE-2015-3391 affects the Drupal Path Breadcrumbs module prior to 7.x-3.2. The issue allows remote attackers to bypass access controls and read the 403 page to obtain sensitive node titles. The root cause is improper access restriction checks on 403 Not Found pages. Affected versions are Path Bre...