CVE-2008-1133

2008-03-04T18:44:00
ID CVE-2008-1133
Type cve
Reporter cve@mitre.org
Modified 2008-09-05T21:36:00

Description

The Drupal.checkPlain function in Drupal 6.0 only escapes the first instance of a character in ECMAScript, which allows remote attackers to conduct cross-site scripting (XSS) attacks.