|
CVE Reference: CVE-2008-6229
|
|
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.
|
|
Original Page at CVE MITRE:
CVE-2008-6229
|
|
Description:
Cross-site scripting (XSS) vulnerability in the administrative interface in Drupal Content Construction Kit (CCK) 5.x before 5.x-1.10 and 6.x before 6.x-2.0, a module for Drupal, allows remote authenticated users with "administer content" permissions to inject arbitrary web script or HTML via (1) field labels and (2) content-type names.
|
|
CVE Status:
Candidate
|
|
References:
XF
http://xforce.iss.net/xforce/xfdb/46377
SAID
Secunia Advisory: SA32572
Secunia Advisory: SA32615
FEDORA
CONFIRM
http://drupal.org/node/330546
BID
32136
|
|
|
Return to the previous page.
|
