Stephen Mustgrave

**Name of the Vulnerable Software and Affected Versions** Events Log Track versions 0.0.0 through 3.1.10 Events Log Track versions 4.0.0 through 4.0.1 **Description** The issue is related to the allocation of resources without limits or throttling in Drupal Events Log Track, allowing excessive allocation. **Recommendations** For Events Log Track versions 0.0.0 through 3.1.10, update to version 3.1.11 or later. For Events Log Track versions 4.0.0 through 4.0.1, update to version 4.0.2 or later.

**Name of the Vulnerable Software and Affected Versions** baguetteBox.Js versions 0.0.0 through 2.0.3 baguetteBox.Js versions 3.0.0 through 3.0.0 **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS), in the baguetteBox.Js module for Drupal. This allows for Cross-Site Scripting (XSS) attacks. **Recommendations** For baguetteBox.Js versions 0.0.0 through 2.0.3, update to version 2.0.4 or later. For baguetteBox.Js versions 3.0.0 through 3.0.0, update to version 3.0.1 or later.

**Name of the Vulnerable Software and Affected Versions** Drupal Stage File Proxy versions 0.0.0 through 3.1.4 **Description** The issue is related to the allocation of resources without limits or throttling in Drupal Stage File Proxy, allowing flooding. **Recommendations** For versions 0.0.0 through 3.1.4, update to version 3.1.5 or later to resolve the issue.