3 matches found
CVE-2009-0817
Cross-site scripting XSS vulnerability in the Protected Node module 5.x before 5.x-1.4 and 6.x before 6.x-1.5, a module for Drupal, allows remote authenticated users with "administer site configuration" permissions to inject arbitrary web script or HTML via the Password page info field, which is...
CVE-2009-0817
This CVE concerns the Drupal Protected Node module. Affected: Protected Node module versions 5.x before 5.x-1.4 and 6.x before 6.x-1.5. Root cause: improper handling in the protected_node_enterpassword function allows an authenticated user with the site-configuration permission to inject arbitrar...
CVE-2009-0817
Cross-site scripting XSS vulnerability in the Protected Node module 5.x before 5.x-1.4 and 6.x before 6.x-1.5, a module for Drupal, allows remote authenticated users with "administer site configuration" permissions to inject arbitrary web script or HTML via the Password page info field, which is...