2 matches found
CVE-2009-3915
Cross-site scripting XSS vulnerability in the "Separate title and URL" formatter in the Link module 5.x before 5.x-2.6 and 6.x before 6.x-2.7, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via the link title field...
CVE-2009-3915
CVE-2009-3915 affects the Drupal Link module’s “Separate title and URL” formatter. The root cause is a cross-site scripting (XSS) vulnerability in the link title field, enabling remote attackers to inject arbitrary script/HTML. Affected versions are 5.x prior to 5.x-2.6 and 6.x prior to 6.x-2.7. ...