Cross-site scripting (XSS) vulnerability in the Greg Holsclaw Link to Us module 5.x before 5.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via the “Link page header” field.
CPE | Name | Operator | Version |
---|---|---|---|
link_to_us | eq | <= 5.x-1.0 | |
link_to_us | eq | 5.0.0-x1-xdev |