7 matches found
EUVD-2009-2074
Malware in sbrugna...
CVE-2009-2078
Multiple cross-site scripting XSS vulnerabilities in Booktree 5.x before 5.x-7.3 and 6.x before 6.x-1.1, a module for Drupal, allow remote attackers to inject arbitrary web script or HTML via the 1 node title and 2 node body in a tree root page...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Booktree 5.x before 5.x-7.3 and 6.x before 6.x-1.1, a module for Drupal, allow remote attackers to inject arbitrary web script or HTML via the 1 node title and 2 node body in a tree root page...
CVE-2009-2078
Multiple cross-site scripting XSS vulnerabilities in Booktree 5.x before 5.x-7.3 and 6.x before 6.x-1.1, a module for Drupal, allow remote attackers to inject arbitrary web script or HTML via the 1 node title and 2 node body in a tree root page...
CVE-2009-2078
Multiple cross-site scripting XSS vulnerabilities in Booktree 5.x before 5.x-7.3 and 6.x before 6.x-1.1, a module for Drupal, allow remote attackers to inject arbitrary web script or HTML via the 1 node title and 2 node body in a tree root page...
CVE-2009-2078
CVE-2009-2078 affects the Drupal Booktree module (5.x before 5.x-7.3; 6.x before 6.x-1.1). The entry describes multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via the node title and node body on a tree root page. The provided ...
SA-CONTRIB-2009-035 - Booktree - Cross site scripting
Booktree takes as input a series of Book nodes and create a tree-like structure using Book node relationships.The Booktree module does not properly escape node title and node body on tree root pages. A user with privileges to create book pages could attempt a cross site scripting XSS attack which...