Ayman Hourieh discovered that Drupal, a dynamic website platform, performs insufficient input sanitising in the user module, which might lead to cross-site scripting. For the stable distribution (sarge) this problem has been fixed in version 4.5.3-6.1sarge3. For the unstable distribution (sid) this problem has been fixed in version 4.5.8-2. We recommend that you upgrade your drupal package.
Ayman Hourieh discovered that Drupal, a dynamic website platform, performs insufficient input sanitising in the user module, which might lead to cross-site scripting.
For the stable distribution (sarge) this problem has been fixed in version 4.5.3-6.1sarge3.
For the unstable distribution (sid) this problem has been fixed in version 4.5.8-2.
We recommend that you upgrade your drupal package.
MD5 checksums of the listed files are available in the original advisory.