Kostia Bohach

**Name of the Vulnerable Software and Affected Versions** Drupal Block Attributes versions 0.0.0 through 1.0.9 Drupal Block Attributes versions 2.0.0 through 2.0.0 **Description** A flaw exists in Drupal Block Attributes that allows for Cross-Site Scripting (XSS). This issue is due to improper neutralization of input during web page generation. **Recommendations** Update Drupal Block Attributes to version 1.1.0 or later. Update Drupal Block Attributes to version 2.0.1 or later.

**Name of the Vulnerable Software and Affected Versions** Drupal Cookies Addons versions 1.0.0 through 1.2.3 **Description** The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Cross-Site Scripting (XSS). **Recommendations** Update Drupal Cookies Addons to version 1.2.4 or later.