EUVD-2012-1650

Malware in sbrugna...

CVE-2012-1640

Multiple cross-site scripting XSS vulnerabilities in the Managesite module 6.x-1.x before 6.1-1.1 for Drupal allow remote authenticated users with "administer managesite" permissions to inject arbitrary web script or HTML via the title parameter when 1 adding or 2 updating a category...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Managesite module 6.x-1.x before 6.1-1.1 for Drupal allow remote authenticated users with "administer managesite" permissions to inject arbitrary web script or HTML via the title parameter when 1 adding or 2 updating a category...

CVE-2012-1640

Multiple cross-site scripting XSS vulnerabilities in the Managesite module 6.x-1.x before 6.1-1.1 for Drupal allow remote authenticated users with "administer managesite" permissions to inject arbitrary web script or HTML via the title parameter when 1 adding or 2 updating a category...

CVE-2012-1640

The Drupal Managesite module (6.x-1.x) is affected by XSS in the title field when adding or updating a category, exploitable by remote-authenticated users with the admin’s managesite permission. Affected versions are prior to 6.x-1.1; upgrade to Managesite 6.x-1.1 to remediate. The issue is mitig...

SA-CONTRIB-2012-015 - Managesite - Cross Site Scripting (XSS)

CVE: CVE-2012-1640 This module provides a way to build a control panel similar to the one provided by Drupal 7 on the admin zone /admin. The module doesn't sufficiently filter user supplied text in the administration settings. This vulnerability is mitigated by the fact that an attacker must have...