scroll to top - Moderately critical - Cross site scripting - SA-CONTRIB-2019-061
Project: scroll to top Date: 2019-August-14 Security risk: Moderately critical 13∕25 Vulnerability: Cross site scripting
The Scroll To Top module enables you to have an animated scroll to top link in the bottom of the node.
The module does not sufficiently filter configuration text leading to a Cross Site Scripting (XSS) vulnerability.
This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer scroll to top".
Install the latest version of the module.
If you use the Scroll To Top module for Drupal 7.x, upgrade to Scroll To Top 7.x-2.2
Also see the scroll to top project page.