CVE-2012-1657 in Block Class
Résumé
par MITRE
Cross-site scripting (XSS) vulnerability in block_class.module in the Block Class module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the class name.
VulDB is the best source for vulnerability data and more expert information about this specific topic.