Bã¡Lint Nagy

**Name of the Vulnerable Software and Affected Versions** Node View Permissions versions 0.0.0 through 1.6.x Node View Permissions versions 2.0.0 through 2.0.0 **Description** An improper check for unusual or exceptional conditions in the Node View Permissions module allows forceful browsing. The module provides "View own content" and "View any content" permissions for each content type. The issue occurs when a user is cancelled and their content is reassigned to the anonymous user, as the module does not sufficiently handle this scenario. This affects private content that should not be accessible to anonymous users but was reassigned to them. **Recommendations** Update versions 0.0.0 through 1.6.x to version 1.7.0. Update version 2.0.0 to version 2.0.1.

Name of the Vulnerable Software and Affected Versions: Drupal IFrame Remove Filter versions 0.0.0 through 2.0.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows an attacker to perform Cross-Site Scripting attacks. Recommendations: For versions 0.0.0 through 2.0.4, update to version 2.0.5 or later to resolve the issue.