2 Feb
2010
2 Feb
'10
11:48 p.m.
User: agileware Branch: DRUPAL-6--2 Date: Tue, 02 Feb 2010 22:48:15 +0000 Modified files: /modules/signwriter CHANGELOG.txt signwriter.module Log message: * SECURITY FIX - Fixed a security bug that allows arbitrary PHP code to be executed when using a signwriter profile as an input filter, leading to a Cross Site Scripting vulnerability. Any users with the ability to use input filters with signwriter profiles are able to exploit this vulnerability. Links: http://cvs.drupal.org/diff.php?path=contributions/modules/signwriter/CHANGEL... http://cvs.drupal.org/diff.php?path=contributions/modules/signwriter/signwri...