CVE-2009-4429

Cross-site scripting XSS vulnerability in the Sections module 5.x before 5.x-1.3 and 6.x before 6.x-1.3 for Drupal allows remote authenticated users with "administer sections" privileges to inject arbitrary web script or HTML via a section name aka the Name field...

Drupal Sections Module XSS Vulnerability

Exploit for unknown platform in category web applications ======================================== Drupal Sections Module XSS Vulnerability ======================================== The text of this announcment is also available at http://www.madirish.net/?article=440 Description of Vulnerability:...