MidnightBSD

Advisories for path_breadcrumbs_project

CVE-2015-3391 MEDIUM

The Path Breadcrumbs module before 7.x-3.2 for Drupal allows remote attackers to bypass intended access restrictions and obtain sensitive node titles by reading a 403 Not Found page.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
path_breadcrumbs_project path_breadcrumbs *
CVE-2015-6754 LOW

Cross-site scripting (XSS) vulnerability in the administration interface in the Path Breadcrumbs module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "Administer Path Breadcrumbs" permission to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
path_breadcrumbs_project path_breadcrumbs 7.x-3.1
path_breadcrumbs_project path_breadcrumbs 7.x-3.0
path_breadcrumbs_project path_breadcrumbs 7.x-3.2