Drupal etracker module < 3.1.0 - Unauthenticated Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS vulnerability discovered by Pierre Rudloff prudloff in WordPress Module etracker versions 3.1.0...

Cross site scripting

Cross-site scripting XSS vulnerability in the eTracker module before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML by appending a crafted string to an arbitrary URL associated with the Drupal site...

CVE-2010-1543

Cross-site scripting XSS vulnerability in the eTracker module before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML by appending a crafted string to an arbitrary URL associated with the Drupal site...

CVE-2010-1543

The CVE-2010-1543 entry concerns a Cross-site Scripting (XSS) vulnerability in the Drupal eTracker module, prior to version 6.x-1.2. The issue enables an attacker to inject arbitrary web script or HTML by appending a crafted string to an arbitrary URL associated with the Drupal site. The provided...

CVE-2010-1543

Cross-site scripting XSS vulnerability in the eTracker module before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML by appending a crafted string to an arbitrary URL associated with the Drupal site...

SA-CONTRIB-2010-024 - eTracker - Cross Site Scripting

The eTracker module provides integration of a Drupal site with the eTracker web traffic analysis service and takes the current URL as a parameter to track what pages have been visited. The URL from the browser is forwarded to JavaScript in the current page, and because the URL wasn't sanitised, i...