CVE-2008-5996
CVE-2008-5996 is a Cross-site scripting (XSS) vulnerability in the Drupal Simplenews module (5.x before 5.x-1.5 and 6.x before 6.x-1.0-beta4). It allows remote authenticated users who possess "administer taxonomy" permissions to inject arbitrary web script or HTML via a Newsletter category field....