4 matches found
CVE-2008-6170
Cross-site scripting XSS vulnerability in Drupal 5.x before 5.12 and 6.x before 6.6 allows remote authenticated users with create book content or edit node book hierarchy permissions to inject arbitrary web script or HTML via the book page title...
CVE-2008-6170
Cross-site scripting XSS vulnerability in Drupal 5.x before 5.12 and 6.x before 6.6 allows remote authenticated users with create book content or edit node book hierarchy permissions to inject arbitrary web script or HTML via the book page title...
CVE-2008-6170
Cross-site scripting XSS vulnerability in Drupal 5.x before 5.12 and 6.x before 6.6 allows remote authenticated users with create book content or edit node book hierarchy permissions to inject arbitrary web script or HTML via the book page title...
CVE-2008-6170
CVE-2008-6170 affects Drupal core (5.x before 5.12 and 6.x before 6.6). The vulnerability enables cross-site scripting via the book page title when an attacker has permissions to create book content or edit the book hierarchy; authenticated users can inject arbitrary HTML/JS. Affected products an...