Cross-site scripting (XSS) vulnerability in the Ubercart 5.x prior to 5.x-1.0 rc3 module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via node titles related to unspecified product features, a different vector than CVE-2008-1428.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
drupal ubercart_module |
Vulmon