|
|
CVE Reference: CVE-2006-4002 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-4002 |
|
|
Description: Cross-site scripting (XSS) vulnerability in user.module in Drupal 4.6 before 4.6.9, and 4.7 before 4.7.3, allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: portions of these details are obtained from third party information. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/28184 SAID Secunia Advisory: SA21332 Secunia Advisory: SA21503 DEBIAN http://www.debian.org/security/2006/dsa-1147 CONFIRM http://drupal.org/node/76748 BID 19325 |
|
| Return to the previous page. |
