3 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in the Bibliography Biblio module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privileges, to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than...
CVE-2010-1358
Cross-site scripting XSS vulnerability in the Bibliography Biblio module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privileges, to inject arbitrary web script or HTML via unspecified vectors...
SA-CONTRIB-2010-006 - Bibliography Module - Cross Site Scripting
The Bibliography module enables users to manage and display lists of scholarly publications. The module does not sanitize some of the user-supplied data before displaying it, leading to a Cross Site Scripting XSS vulnerability. Only users with the 'administer biblio' permission are able to exploi...