Drupal 5.x prior to 5.13 and 6.x prior to 6.7 does not delete all related content when an input format is deleted, which prevents the content from being properly filtered and allows remote malicious users to conduct cross-site scripting (XSS) attacks via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
drupal drupal 5.11 |
||
drupal drupal 5.10 |
||
drupal drupal 5.3 |
||
drupal drupal 5.2 |
||
drupal drupal 6.4 |
||
drupal drupal 5.7 |
||
drupal drupal 5.6 |
||
drupal drupal 6.0 |
||
drupal drupal 6.1 |
||
drupal drupal 5.9 |
||
drupal drupal 5.8 |
||
drupal drupal 5.1 |
||
drupal drupal 5.0 |
||
drupal drupal 6.6 |
||
drupal drupal 5.12 |
||
drupal drupal 5.5 |
||
drupal drupal 5.4 |
||
drupal drupal 6.2 |
||
drupal drupal 6.3 |
||
drupal drupal 6.5 |