Posted by Todd Nienkerk on January 18, 2010 at 10:21pm
| Download | Size | md5 hash |
|---|---|---|
| recent_comments-6.x-1.1.tar.gz | 7.51 KB | cf6fbeb1e2284887f0262a7399a7d4c6 |
| recent_comments-6.x-1.1.zip | 8.36 KB | 0f4c41e87410b91b2756f01e6639f644 |
Last updated: December 24, 2010 - 23:43
This release includes a fix for a cross-site scripting (XSS) vulnerability in which JavaScript could be inserted in the title of the Recent Comments block via a custom block title interface. This custom title interface has been removed, as Drupal 5.x and later allow overriding the a block's title from its configuration screen.