11 matches found
GHSA-6CJ8-C359-P7Q9 Drupal vulnerable to Cross-site Scripting
Multiple cross-site scripting XSS vulnerabilities in Drupal 6.x before 6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 free tagging taxonomy terms, which are not properly handled on node preview pages, and 2 unspecified OpenID values...
CVE-2008-3218
Multiple cross-site scripting XSS vulnerabilities in Drupal 6.x before 6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 free tagging taxonomy terms, which are not properly handled on node preview pages, and 2 unspecified OpenID values...
CVE-2010-1303
Multiple cross-site scripting XSS vulnerabilities in the Taxonomy Filter module 6.x before 6.x-1.1 for Drupal allow remote authenticated users, with administer taxonomy permissions or create node permissions when free tagging is enabled, to inject arbitrary web script or HTML via vocabulary 1...
SA-CONTRIB-2010-033 - Taxonomy Filter - Cross Site Scripting (XSS)
The Taxonomy Filter module enables users to filter node listings by multiple taxonomy terms across multiple vocabularies. Vocabulary names, terms, and filter menus are not sanitized, creating a Cross Site Scripting XSS vulnerability. Exploiting this vulnerability would allow a malicious user to...
CVE-2009-2083
Cross-site scripting XSS vulnerability in the term data detail page in Taxonomy manager 5.x before 5.x-1.2, a module for Drupal, allows remote authenticated users, with administer taxonomy privileges or the ability to use free tagging to add taxonomy terms, to inject arbitrary web script or HTML...
Cross site scripting
Cross-site scripting XSS vulnerability in the term data detail page in Taxonomy manager 5.x before 5.x-1.2, a module for Drupal, allows remote authenticated users, with administer taxonomy privileges or the ability to use free tagging to add taxonomy terms, to inject arbitrary web script or HTML...
CVE-2009-2083
Cross-site scripting XSS vulnerability in the term data detail page in Taxonomy manager 5.x before 5.x-1.2, a module for Drupal, allows remote authenticated users, with administer taxonomy privileges or the ability to use free tagging to add taxonomy terms, to inject arbitrary web script or HTML...
CVE-2009-2079
Cross-site scripting XSS vulnerability in the administrative page interface in Taxonomy manager 5.x before 5.x-1.2 and 6.x before 6.x-1.1, a module for Drupal, allows remote authenticated users, with administer taxonomy privileges or the ability to use free tagging to add taxonomy terms, to injec...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Drupal 6.x before 6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 free tagging taxonomy terms, which are not properly handled on node preview pages, and 2 unspecified OpenID values...
CVE-2008-3218
Multiple cross-site scripting XSS vulnerabilities in Drupal 6.x before 6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 free tagging taxonomy terms, which are not properly handled on node preview pages, and 2 unspecified OpenID values...
CVE-2008-3218
Multiple cross-site scripting XSS vulnerabilities in Drupal 6.x before 6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 free tagging taxonomy terms, which are not properly handled on node preview pages, and 2 unspecified OpenID values...