CVE-2010-2250
CVE-2010-2250 affects Drupal 5.x and 6.x up to 6.15/6.16, where a user-supplied value is echoed during site installation, enabling cross-site scripting via a crafted URL. Evidence in multiple sources confirms Drupal-based XSS risk and indicates mitigations exist in later Drupal releases (6.16+; D...