CVE-2010-0697
The CVE-2010-0697 entry affects Drupal’s iTweak Upload module (6.x-1.x before 6.x-1.2 and 6.x-2.x before 6.x-2.3). The root cause is an XSS vulnerability where remote authenticated users with create content and upload file permissions can inject arbitrary web script or HTML via the file name of a...