Patrick Fey

**Name of the Vulnerable Software and Affected Versions** Drupal Browser Back Button versions 1.0.0 through 2.0.2 **Description** The issue is related to improper neutralization of input during web page generation, which allows Cross-Site Scripting (XSS). This can enable a remote attacker to conduct cross-site scripting attacks. **Recommendations** For versions 1.0.0 through 2.0.2, update to version 2.0.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Drupal Coffee versions 0.0.0 through 1.4.0 **Description** The issue is related to improper neutralization of input during web page generation, which allows Cross-Site Scripting (XSS). This can be exploited by a remote attacker to conduct a cross-site scripting attack. **Recommendations** For versions 0.0.0 through 1.4.0, update to a version 1.4.0 or later to resolve the issue. As a temporary workaround, consider restricting user input to minimize the risk of exploitation.