Cross-site scripting (XSS) vulnerability in Drupal 5.x prior to 5.12 and 6.x prior to 6.6 allows remote authenticated users with create book content or edit node book hierarchy permissions to inject arbitrary web script or HTML via the book page title.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
drupal drupal 5.10 |
||
drupal drupal 5.4 |
||
drupal drupal 5.3 |
||
drupal drupal 6.2 |
||
drupal drupal 6.1 |
||
drupal drupal 6.0 |
||
drupal drupal 5.9 |
||
drupal drupal 5.7 |
||
drupal drupal 5.0 |
||
drupal drupal 6.4 |
||
drupal drupal 5.11 |
||
drupal drupal 5.8 |
||
drupal drupal 5.2 |
||
drupal drupal 5.1 |
||
drupal drupal 5.6 |
||
drupal drupal 5.5 |
||
drupal drupal 6.5 |
||
drupal drupal 6.3 |