Download hotblocks-6.x-1.8.tar.gztar.gz 104.4 KB
MD5: d7c5b80777777efcaff1d9597c468ac2
SHA-1: 4608a8e2836fef3c25fed03f1308cdec13c1c165
SHA-256: 6c177d1cbfadd5ce86b51f63319241c8e166fecf728e610d68d28867ae604511
Download hotblocks-6.x-1.8.zipzip 115.89 KB
MD5: 6acad53b261f7011a1ac732acc123ce1
SHA-1: 392db6b65c6c777fb153accb25fefbede1217198
SHA-256: 2fbb4af6fd617cac9f70be2213d897eab4b7b88bceb4bd55395d85ec0c942527

Release info

Created by: justindodge
Created on: August 15, 2012 - 15:01
Last updated: August 15, 2012 - 18:19
Core compatibility: 6.x
Release type: Security update

Release notes

Sanitizes 'block names' from the hotblocks settings screen to prevent XSS vulnerabilities.

Prevents infinite looping in situations where the same hotblock references itself as content, or another hotblock references one that in turn references itself.

SA-CONTRIB-2012-126 - Hotblocks - Cross Site Scripting (XSS) and Denial of Service (DoS)