3 matches found
MiracleLinux 3 : drupal-6.8-2AXS3 (AXSA:2009-68:02)
The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2009-68:02 advisory. Drupal is a free software package that allows an individual or a community of users to easily publish, manage and organize a wide variety of content on a...
CVE-2009-1844
Multiple cross-site scripting XSS vulnerabilities in Drupal 5.x before 5.18 and 6.x before 6.12 allow 1 remote authenticated users to inject arbitrary web script or HTML via crafted UTF-8 byte sequences that are treated as UTF-7 by Internet Explorer 6 and 7, which are not properly handled in the...
CVE-2009-1844
CVE-2009-1844 affects Drupal 5.x (prior to 5.18) and 6.x (prior to 6.12). The issue comprises two XSS vectors: (1) remote authenticated users can inject script via UTF-8 byte sequences misinterpreted as UTF-7 in the HTML exports of books, and (2) remote authenticated users with administer taxonom...