The issue described in XML Sitemap - Moderately Critical - XSS - SA-CONTRIB-2016-030 also affects Drupal 6! A series of patches are attached for different versions of xmlsitemap.

Comments

dsnopek created an issue. See original summary.

dsnopek’s picture

Status: Needs review » Fixed

Committed the patches!

fernando iglesias’s picture

Confirming the 2.x patch works. You guys are fast, thanks :)

dsnopek’s picture

Thanks!

(BTW, we worked on the D6LTS patches before the issue was publicly disclosed, that's why we were able to release them so quickly :-))

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.