Posted by Todd Nienkerk on January 18, 2010 at 10:22pm
| Download | Size | md5 hash |
|---|---|---|
| recent_comments-5.x-1.3.tar.gz | 7.52 KB | c841754dd47ba57fc66a2e78c9415194 |
| recent_comments-5.x-1.3.zip | 8.36 KB | fd13bd2bcc4e4dbfcc9f882a369270d8 |
Last updated: December 24, 2010 - 23:43
This release includes a fix for a cross-site scripting (XSS) vulnerability in which JavaScript could be inserted in the title of the Recent Comments block via a custom block title interface. This custom title interface has been removed, as Drupal 5.x and later allow overriding the a block's title from its configuration screen.