Cross site scripting

Cross-site scripting XSS vulnerability in the Barry Jaspan Image Pager 4.7.x-1.x-dev and 5.x-1.x-dev before 2007-02-08 module for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to HTML entities and the IMG element...

CVE-2007-1028

Cross-site scripting XSS vulnerability in the Barry Jaspan Image Pager 4.7.x-1.x-dev and 5.x-1.x-dev before 2007-02-08 module for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to HTML entities and the IMG element...

CVE-2007-1028

CVE-2007-1028 is an XSS vulnerability in the Drupal module Barry Jaspan Image Pager (versions 4.7.x-1.x-dev and 5.x-1.x-dev prior to 2007-02-08). Remote attackers can inject arbitrary web script or HTML via vectors related to HTML entities and the IMG element. The exact exploitation vectors are n...

CVE-2007-1028

Cross-site scripting XSS vulnerability in the Barry Jaspan Image Pager 4.7.x-1.x-dev and 5.x-1.x-dev before 2007-02-08 module for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to HTML entities and the IMG element...

Image pager - Cross site scripting

The Image Pager module uses JavaScript to collect selected images from a page and display them one at a time in a block with previous/next pager links. HTML entities are decoded by the DOM functions used by Image Pager before being reinserted into the web page for display. As a result, a maliciou...