Install

Works with Drupal: 7.x

Using Composer to manage Drupal site dependencies

Downloads

Download block_class-7.x-1.1.tar.gztar.gz 8.49 KB
MD5: b466c130b0fc352d7bd2d434f294e6d6
SHA-1: 06bd46c1ec0cab32f0c38e0c4d36962d11c2971d
SHA-256: 6e7355673bfc96cb4837d1e4f7ff6aa4bd2d8149789164a74ecadcede750ee5b
Download block_class-7.x-1.1.zipzip 9.42 KB
MD5: eba5975f3cea9dac00fe1e3f70dacaf9
SHA-1: 2740a3af16d4729df10c83ccb9898ae7365e8ba9
SHA-256: 9e1672d6924116036254125b6287469791c9506c4934ffb82bbb776ee1738248

Release notes

This release addresses a cross-site scripting (XSS) vulnerability. Due to this vulnerability, a user could inject arbitrary scripts into pages affecting other site users. This could result in administrative account compromise leading to web server process compromise. This vulnerability is mitigated by the fact that an attacker must have the necessary permissions to administer blocks. SA-CONTRIB-2012-032 - Block Class - Cross Site scripting

Created by: Todd Nienkerk
Created on: 7 Mar 2012 at 00:22 UTC
Last updated: 7 Apr 2016 at 17:47 UTC
Git tag 7.x-1.1
Security update

Other releases