Lucene search

K
prionPRIOn knowledge basePRION:CVE-2008-3218
HistoryJul 18, 2008 - 4:41 p.m.

Cross site scripting

2008-07-1816:41:00
PRIOn knowledge base
www.prio-n.com
1

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.7%

Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) free tagging taxonomy terms, which are not properly handled on node preview pages, and (2) unspecified OpenID values.

CPENameOperatorVersion
drupalge6.0
drupallt6.3
fedoraeq9
fedoraeq8

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.7%