3 matches found
FreeBSD Ports: drupal5
The remote host is missing an update to the system as announced in the referenced advisory. VID 751823d4-f189-11de-9344-00248c9b4be7 OpenVAS Vulnerability Test $ Description: Auto generated from VID 751823d4-f189-11de-9344-00248c9b4be7 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
CVE-2009-4370
Cross-site scripting XSS vulnerability in the Menu module modules/menu/menu.admin.inc in Drupal Core 6.x before 6.15 allows remote authenticated users with permissions to create new menus to inject arbitrary web script or HTML via a menu description, which is not properly handled in the menu...
CVE-2009-4370
CVE-2009-4370 affects Drupal Core 6.x up to 6.14/6.15 via the Menu module (menu.admin.inc). An XSS flaw allows authenticated users with permission to create new menus to inject arbitrary HTML/script through a menu description, which is not properly sanitized in the menu administration overview. I...