Skip to Content
 Русский Русский    English English   


FAQ module

Drupal 6.17 faq and faq search modules is containing XSS vulnerability

This code seemed suspicious for me when I was adding pager for FAQ 6.x-1.12 modules feature tho theese modules:

[geshifilter-php] Faq.module,v 2010/10/29 : function faq_view_question(&$data, $node, $path = NULL, $anchor = NULL) { $disable_node_links = variable_get('faq_disable_node_links', FALSE); $question = ''; if ($disable_node_links) { if (empty($path) && empty($anchor)) { $question = check_plain($node->title); } elseif (empty($path)) {[/geshifilter-php]

 Main    Download    Documentation    Demo    Bug tracking    License    Blogs