Translation Management Security Vulnerabilities

CVE-2011-1662

Cross-site scripting (XSS) vulnerability in Translation Management module 6.x before 6.x-1.21 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2011-1663

SQL injection vulnerability in the Translation Management module 6.x before 6.x-1.21 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVE-2011-1664

Cross-site request forgery (CSRF) vulnerability in the Translation Management module 6.x before 6.x-1.21 for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.