2 matches found
CVE-2006-6531
Cross-site scripting XSS vulnerability in the Help Tip module before 4.7.x-1.0 for Drupal allows remote attackers to inject arbitrary web script or HTML, and possibly obtain administrative access, via node titles...
CVE-2006-6531
CVE-2006-6531 affects the Drupal Help Tip module prior to 4.7.x-1.0, where an XSS vulnerability exists that allows remote attackers to inject arbitrary script/HTML via node titles. Root cause is an input/output handling flaw in the module that fails to sanitize title content. Impact is partial co...