2 matches found
CVE-2009-4532
Cross-site scripting XSS vulnerability in the Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, allows remote authenticated users, with webform creation privileges, to inject arbitrary web script or HTML via a field label...
CVE-2009-4532
The CVE-2009-4532 issue affects the Drupal Webform module (5.x prior to 5.x-2.8 and 6.x prior to 6.x-2.8). The root cause is a Cross-site Scripting (XSS) vulnerability in a field label. An attacker must be a remote authenticated user with webform creation privileges, and can inject arbitrary web ...