context_form_alteration 7.x-1.2

Install

Works with Drupal: 7.x

Using Composer to manage Drupal site dependencies

Downloads

Download tar.gz 11.4 KB

MD5: 47c079ed6d95c56337a31c5d16e4a168

SHA-1: fce92fe7e2536270d1d2917aeff5a90af56ce5c8

SHA-256: 25a0b4b499abf462d7f0334bc55701d1f99601592ad986bf4f0a1a5b5b6d1c6d

Download zip 13.16 KB

MD5: 740ccecae9b9116d8a77b584672b0371

SHA-1: f11afd210b3fcd476a6b7489db1c977bc1d24a0e

SHA-256: 6fd26b0931338fed11674cc1e37b93bd6a1d3b99d85c3fe1c807fbc3c8e22959

Release notes

SA-CONTRIB-2014-046 - Context Form Alteration - Cross Site Scripting (XSS)

This module enables admins to alter forms via Context reactions.
The module doesn't sufficiently sanitize user input entered within the Context configuration UI.
This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer contexts".

Created by: doublejosh
Created on: 29 Apr 2014 at 00:36 UTC
Last updated: 3 Sep 2014 at 00:53 UTC

7.x-1.2

Security update

Unsupported

Other releases

View usage statistics for this release

context_form_alteration 7.x-1.2

Install

Downloads

Release notes

Other releases

News items

Our community

Documentation

Drupal code base

Governance of community