Release info

Created by: justindodge
Created on: August 15, 2012 - 15:01
Last updated: August 15, 2012 - 18:19
Core compatibility: 6.x
Release type: Security update

Release notes

Sanitizes 'block names' from the hotblocks settings screen to prevent XSS vulnerabilities.

Prevents infinite looping in situations where the same hotblock references itself as content, or another hotblock references one that in turn references itself.

SA-CONTRIB-2012-126 - Hotblocks - Cross Site Scripting (XSS) and Denial of Service (DoS)