5 matches found
Debian Security Advisory DSA 1125-2 (drupal)
The remote host is missing an update to drupal announced via advisory DSA 1125-2. The Drupal update in DSA 1125 contained a regression. This update corrects this flaw. For completeness, the original advisory text below: Several remote vulnerabilities have been discovered in the Drupal web site...
DSA-1125 drupal - several
Bulletin has no description...
CVE-2006-2832
Cross-site scripting XSS vulnerability in the upload module upload.module in Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2 allows remote attackers to inject arbitrary web script or HTML via the uploaded filename...
CVE-2006-2832
Cross-site scripting XSS vulnerability in the upload module upload.module in Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2 allows remote attackers to inject arbitrary web script or HTML via the uploaded filename...
CVE-2006-2832
CVE-2006-2832 is a Cross-Site Scripting (XSS) vulnerability in the Drupal upload.module that affects Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, enabling an attacker to inject arbitrary script or HTML via the uploaded filename. The vulnerability was addressed in vendor advisories; OpenVAS a...