|
|
CVE Reference: CVE-2008-6170 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-6170 |
|
|
Description: Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and 6.x before 6.6 allows remote authenticated users with create book content or edit node book hierarchy permissions to inject arbitrary web script or HTML via the book page title. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/46052 SAID Secunia Advisory: SA32297 Secunia Advisory: SA32441 FEDORA CONFIRM http://drupal.org/node/324824 BID 31882 |
|
| Return to the previous page. |
