RSS   Vulnerabilities for 'Block class'   RSS

2016-04-15
 
CVE-2016-3144

 

 
Cross-site scripting (XSS) vulnerability in the Block Class module 7.x-2.x before 7.x-2.2 for Drupal allows remote authenticated users with the "Administer block classes" permission to inject arbitrary web script or HTML via a class name.

 
2012-09-18
 
CVE-2012-1657

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in block_class.module in the Block Class module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the class name.

 

 >>> Vendor: Fourkitchens 3 Products
Recent comments
Block class
Ed readmore


Copyright 2024, cxsecurity.com

 

Back to Top