2 matches found
CVE-2012-2308
Cross-site scripting XSS vulnerability in the Taxonomy Grid : Catalog module for Drupal 6.x-1.6 and earlier allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-2308
CVE-2012-2308 describes a Cross-Site Scripting (XSS) vulnerability in the Drupal contributed module Taxonomy Grid: Catalog for Drupal 6.x-1.6 and earlier. The issue arises because user-supplied text is not properly filtered, allowing remote authenticated users with certain permissions to inject a...