3 matches found
CVE-2009-4524
Cross-site scripting XSS vulnerability in the RealName module 6.x-1.x before 6.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via a realname aka real name element...
CVE-2009-4524
Cross-site scripting XSS vulnerability in the RealName module 6.x-1.x before 6.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via a realname aka real name element...
CVE-2009-4524
CVE-2009-4524 affects the Drupal RealName module (6.x-1.x) prior to 6.x-1.3. It is a Cross-site Scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via the realname element. The entry lists a MEDIUM impact with a base score of 4.3 (NVD), but exploitat...