6 matches found
CVE-2010-1584
Cross-site scripting XSS vulnerability in the Context module before 6.x-2.0-rc4 for Drupal allows remote authenticated users, with Administer Blocks privileges, to inject arbitrary web script or HTML via a block description...
Cross site scripting
Cross-site scripting XSS vulnerability in the Context module before 6.x-2.0-rc4 for Drupal allows remote authenticated users, with Administer Blocks privileges, to inject arbitrary web script or HTML via a block description...
CVE-2010-1584
The CVE-2010-1584 entry affects the Drupal Context module prior to 6.x-2.0-rc4. It describes a Cross-site scripting (XSS) vulnerability where remote authenticated users with Administer Blocks privileges can inject arbitrary script or HTML via a block description. The root cause is inadequate sani...
CVE-2010-1584
Cross-site scripting XSS vulnerability in the Context module before 6.x-2.0-rc4 for Drupal allows remote authenticated users, with Administer Blocks privileges, to inject arbitrary web script or HTML via a block description...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Internationalization module 6.x before 6.x-1.4 for Drupal allow remote authenticated users, with translate interface or administer blocks privileges, to inject arbitrary web script or HTML via 1 strings used in block translation or 2 the...
CVE-2010-1530
Multiple cross-site scripting XSS vulnerabilities in the Internationalization module 6.x before 6.x-1.4 for Drupal allow remote authenticated users, with translate interface or administer blocks privileges, to inject arbitrary web script or HTML via 1 strings used in block translation or 2 the...