Vulnerabilities > Path Breadcrumbs Project

DATE CVE VULNERABILITY TITLE RISK
2015-08-31 CVE-2015-6754 Cross-site Scripting vulnerability in Path Breadcrumbs Project Path Breadcrumbs 7.X3.0/7.X3.1/7.X3.2
Cross-site scripting (XSS) vulnerability in the administration interface in the Path Breadcrumbs module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "Administer Path Breadcrumbs" permission to inject arbitrary web script or HTML via unspecified vectors.
network
high complexity
path-breadcrumbs-project CWE-79
2.1
2015-04-21 CVE-2015-3391 Information Exposure vulnerability in Path Breadcrumbs Project Path Breadcrumbs 7.X3.0/7.X3.1
The Path Breadcrumbs module before 7.x-3.2 for Drupal allows remote attackers to bypass intended access restrictions and obtain sensitive node titles by reading a 403 Not Found page.
network
low complexity
path-breadcrumbs-project CWE-200
5.0