[development] Video module getting ready for 4.7 release: need help debugging

Dries Buytaert dries at buytaert.net
Sun Jun 18 21:59:16 UTC 2006


On 18 Jun 2006, at 23:44, Dries Buytaert wrote:
> 1. Your code has various XSS problems.  For example:
>
>   t('play %link', array('%link' => $node->title))
>
> should be:
>
>   t('play %link', array('%link' => theme('placeholder', $node->title)))

The following modules or files make the exact same security mistake  
(XSS):

acidfree/acidfree.module
acidfree/class_album.inc
acidfree/class_photo.inc
acidfree/class_video.inc
aggregator2/aggregator2.module
amazontools/amazon.module
bugs/bugs.module
citizenspeak/citizenspeak.theme.php
commentmail/commentmail.module
cvbuilder/cvbuilder.module
discography/discography.module
eatlocal/resource/resource.module
ecommerce/contrib/auction/auction.module
ecommerce/subproducts/subproducts.inc
eventrepeat/eventrepeat.module
export_docbook/export_docbook.module
faq/faq.module
gojoingo/modules/gjg_event/gjg_event.module
groups/groups.module
img_assist/img_assist.module
interview/interview.module
listhandler/listhandler.module
macrotags/macros.inc
mail/mail.module
moviereview/moviereview.module
naggregator/naggregator.module
naggregator/naggregator_convert.php
news_page/news_page.module
node_aggregator/naggregator.convert.php
node_image/node_image.module
playlist/playlist.module
pr/pr.module
print/print.node.tpl.php
project/update-project.php
publication/publication.module
recipe/recipe.module
send/send.inc
shortcuts/shortcuts.module
spam/spam.module
staffbio/staffbio.module
tagnode/tagnode.module
tec/tec.module
term_access/patches/book.patch
topic/topic.module
trackback/trackback.module
upcomingorg/upcomingorg.module
userreview/userreview.module
wallpaper/wallpaper.module
webcomic/webcomic_theme.inc
webform/webform.module
whatsrelated/whatsrelated.module
wishlist/wishlist.module

(There might be some false positives.)

--
Dries Buytaert  ::  http://www.buytaert.net/
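
A heuristic scanner for the mistake described in this message, added here as an illustration; it is not part of the original post and is not how the module list above was produced. It reports `%placeholder` values in `t()` calls that contain a PHP variable and are not wrapped in `theme('placeholder', ...)` or `check_plain()`. The function names and the sample PHP are constructed for this example.

```python
import re

# Escaping wrappers: theme('placeholder', ...) from the message, plus check_plain().
SAFE = re.compile(r"""(theme\(\s*['"]placeholder['"]|check_plain\()""")
T_CALL = re.compile(r"(?<![\w>$])t\(")  # t( but not foo_t(, ->t( or $t(
PLACEHOLDER = re.compile(r"""['"](%\w+)['"]\s*=>\s*""")

def _end(src, i, stop_on_comma):
    """Index of the first unmatched ')' (or top-level ',') from i, skipping quoted strings."""
    depth, quote = 0, None
    while i < len(src):
        c = src[i]
        if quote:
            if c == "\\":
                i += 1  # skip the escaped character
            elif c == quote:
                quote = None
        elif c in "'\"":
            quote = c
        elif depth == 0 and (c == ")" or (c == "," and stop_on_comma)):
            return i
        elif c in "()":
            depth += 1 if c == "(" else -1
        i += 1
    return i

def find_unescaped_placeholders(src):
    """Return (line, placeholder, expression) for t() placeholder values that hold a
    PHP variable with no escaping wrapper. Values escaped elsewhere are still reported."""
    found = {}
    for call in T_CALL.finditer(src):
        for m in PLACEHOLDER.finditer(src, call.end(), _end(src, call.end(), False)):
            expr = " ".join(src[m.end():_end(src, m.end(), True)].split())
            if "$" in expr and not SAFE.match(expr):
                found[m.start()] = (src.count("\n", 0, m.start()) + 1, m.group(1), expr)
    return [found[k] for k in sorted(found)]

# Constructed sample input, not taken from any of the listed modules.
SAMPLE = r"""<?php
$a = t('play %link', array('%link' => $node->title));
$b = t('play %link', array('%link' => theme('placeholder', $node->title)));
$c = t('%n by %name',
       array('%n' => 3, '%name' => check_plain($user->name)));
$d = t('Sent to %mail (%n)', array('%mail' => $edit['mail'], '%n' => '5'));
"""

if __name__ == "__main__":
    for line, name, expr in find_unescaped_placeholders(SAMPLE):
        print(f"line {line}: {name} => {expr}")
```

Each hit still needs a manual look, because a value that was escaped before it reached `t()`, or by a helper other than the two listed, is reported as well.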


