Filtered by vendor Christopher Mitchell
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-2705 | 2 Christopher Mitchell, Drupal | 2 Smart Breadcrumb, Drupal | 2024-11-21 | 2.1 LOW | N/A |
The filter_titles function in the Smart Breadcrumb module 6.x-1.x before 6.x-1.3 for Drupal does not properly convert a title to plain-text, which allows remote authenticated users with create or edit node permissions to conduct cross-site scripting (XSS) attacks via the title parameter. |