Vulnerabilities for Block class (...) - CXSECURITY.COM

Vulnerabilities for 'Block class'

2016-04-15

CVE-2016-3144

Cross-site scripting (XSS) vulnerability in the Block Class module 7.x-2.x before 7.x-2.2 for Drupal allows remote authenticated users with the "Administer block classes" permission to inject arbitrary web script or HTML via a class name.

2012-09-18

CVE-2012-1657

CWE-79

Cross-site scripting (XSS) vulnerability in block_class.module in the Block Class module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the class name.

>>> Vendor: Fourkitchens 3 Products

Recent comments

Block class

Copyright 2024, cxsecurity.com