Vulnerabilities > Path Breadcrumbs Project > Path Breadcrumbs > 7.x.3.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-08-31 | CVE-2015-6754 | Cross-site Scripting vulnerability in Path Breadcrumbs Project Path Breadcrumbs 7.X3.0/7.X3.1/7.X3.2 Cross-site scripting (XSS) vulnerability in the administration interface in the Path Breadcrumbs module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "Administer Path Breadcrumbs" permission to inject arbitrary web script or HTML via unspecified vectors. | 2.1 |
2015-04-21 | CVE-2015-3391 | Information Exposure vulnerability in Path Breadcrumbs Project Path Breadcrumbs 7.X3.0/7.X3.1 The Path Breadcrumbs module before 7.x-3.2 for Drupal allows remote attackers to bypass intended access restrictions and obtain sensitive node titles by reading a 403 Not Found page. | 5.0 |