Download Size md5 hash
menu_breadcrumb-6.x-1.3.tar.gz 14.84 KB 863f6caf6878afaa0a2e3c13ca998660 18.57 KB e8d9577f90d1a48f7d693a28654df8ef
Last updated: December 24, 2010 - 23:22

Release notes

Menu Breadcrumb menu title XSS (cross-site scripting) issue on admin page fix

The Menu Breadcrumb module does not correctly handle certain user input when displaying the Menu Breadcrumb settings page. Users privileged to manage site menus can insert arbitrary HTML and script code into the administrative settings page for Menu Breadcrumb. Such a cross-site scripting attack may lead to the malicious user gaining administrative access. Wikipedia has more information about cross-site scripting (XSS).

See SA-CONTRIB-2010-013 - Menu Breadcrumb - Cross site scripting for more details.

View change notices for this release
Official release from tag: