2 matches found
CVE-2009-3914
Cross-site scripting XSS vulnerability in the Temporary Invitation module 5.x before 5.x-2.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via the Name field in an invitation...
CVE-2009-3914
The CVE-2009-3914 entry concerns Drupal’s Temporary Invitation module (5.x) with versions before 5.x-2.3. The vulnerability is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary script/HTML via the Name field in an invitation. Impact is partial integrity of affecte...