|
CVE Reference: CVE-2006-4360
|
|
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.
|
|
Original Page at CVE MITRE:
CVE-2006-4360
|
|
Description:
Cross-site scripting (XSS) vulnerability in E-commerce 4.7 for Drupal before file.module 1.37.2.4 (20060812) allows remote authenticated users with the "create products" permission to inject arbitrary web script or HTML via unspecified vectors.
|
|
CVE Status:
Candidate
|
|
References:
XF
http://xforce.iss.net/xforce/xfdb/28528
SAID
Secunia Advisory: SA21604
CONFIRM
http://drupal.org/node/80084
BID
19675
|
|
|
Return to the previous page.
|
