2 matches found
CVE-2009-4829
Cross-site scripting XSS vulnerability in the Automated Logout module 6.x-1.x before 6.x-1.7 and 6.x-2.x before 6.x-2.3 for Drupal allows remote authenticated users with administer autologout privileges to inject arbitrary web script or HTML via unspecified vectors...
Drupal Automated Logout Module HTML Injection Vulnerability
Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. An HTML injection vulnerability exists in Drupal's Automated Logout module that stems from a failure to adequately validate user input. An attacker could exploit this...