MidnightBSD

Advisories for 2bits

CVE-2010-1074 MEDIUM

Cross-site scripting (XSS) vulnerability in the Currency Exchange module before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to watchdog logging.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
2bits currency 5.x-1.3
2bits currency 5.x-1.0
2bits currency 6.x-1.x-dev
2bits currency 5.x-1.x-dev
2bits currency *
2bits currency 4.7.x-1.x-dev
2bits currency 5.x-1.1
2bits currency 6.x-1.0
2bits currency 5.x-1.2
CVE-2025-10930

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Currency allows Cross Site Request Forgery.This issue affects Currency: from 0.0.0 before 3.5.0.

Products Affected

Vendor Product Version
2bits currency *