4 matches found
CVE-2009-2079
Cross-site scripting XSS vulnerability in the administrative page interface in Taxonomy manager 5.x before 5.x-1.2 and 6.x before 6.x-1.1, a module for Drupal, allows remote authenticated users, with administer taxonomy privileges or the ability to use free tagging to add taxonomy terms, to injec...
CVE-2009-2079
Cross-site scripting XSS vulnerability in the administrative page interface in Taxonomy manager 5.x before 5.x-1.2 and 6.x before 6.x-1.1, a module for Drupal, allows remote authenticated users, with administer taxonomy privileges or the ability to use free tagging to add taxonomy terms, to injec...
CVE-2009-2079
Cross-site scripting XSS vulnerability in the administrative page interface in Taxonomy manager 5.x before 5.x-1.2 and 6.x before 6.x-1.1, a module for Drupal, allows remote authenticated users, with administer taxonomy privileges or the ability to use free tagging to add taxonomy terms, to injec...
CVE-2009-2079
The Drupal Taxonomy Manager module contains an XSS in the administrative page interface. Affected versions are Drupal Taxonomy Manager 5.x before 5.x-1.2 and 6.x before 6.x-1.1. Remote authenticated users with taxonomy privileges can inject arbitrary script/HTML via vocabulary names, synonyms, or...