First published: Tue Sep 18 2012(Updated: )
Cross-site scripting (XSS) vulnerability in block_class.module in the Block Class module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the class name.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Fourkitchens Block Class | =5.x-1.0 | |
Fourkitchens Block Class | =5.x-1.0-rc | |
Fourkitchens Block Class | =5.x-1.1 | |
Fourkitchens Block Class | =5.x-1.x-dev | |
Fourkitchens Block Class | =6.x-1.0 | |
Fourkitchens Block Class | =6.x-1.1 | |
Fourkitchens Block Class | =6.x-1.2 | |
Fourkitchens Block Class | =6.x-1.3 | |
Fourkitchens Block Class | =6.x-1.4 | |
Fourkitchens Block Class | =6.x-1.4-beta1 | |
Fourkitchens Block Class | =6.x-1.x-dev | |
Fourkitchens Block Class | =6.x-2.x-dev | |
Fourkitchens Block Class | =7.x-1.0 | |
Fourkitchens Block Class | =7.x-1.x-dev | |
Drupal Drupal |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.