2 matches found
CVE-2008-6533
Drupal 5.x before 5.13 and 6.x before 6.7 does not delete all related content when an input format is deleted, which prevents the content from being properly filtered and allows remote attackers to conduct cross-site scripting XSS attacks via unspecified vectors...
CVE-2008-6533
Affected software: Drupal 5.x (before 5.13) and Drupal 6.x (before 6.7). Vulnerability: deleting an input format fails to remove all related content, causing content to be improperly filtered and enabling cross-site scripting (XSS) via unspecified vectors. Impact: remote attackers could exploit u...