Renatog

**Name of the Vulnerable Software and Affected Versions** Drupal Block Class versions 4.0.0 through 4.0.0 **Description** The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS), in the Drupal Block Class. This allows for Cross-Site Scripting (XSS) attacks. **Recommendations** For Drupal Block Class version 4.0.0, update to version 4.0.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Drupal Pages Restriction Access versions 2.0.0 through 2.0.2 **Description** The issue is related to an incorrect authorization mechanism in the Pages Restriction Access module of the Drupal CMS system. This allows a remote attacker to bypass security restrictions and perform a forceful browsing attack. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited. **Recommendations** For versions 2.0.0 through 2.0.2, update to version 2.0.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the Pages Restriction Access module until a patch is available.