4 matches found
Insecure Cryptography
packbackbooks/lti-1p3-tool uses an insecure cryptographic configuration. The vulnerability exists due to improper configuration of generating cookies and openid values which allows an attacker to predict the token value and forge the token...
GHSA-6CJ8-C359-P7Q9 Drupal vulnerable to Cross-site Scripting
Multiple cross-site scripting XSS vulnerabilities in Drupal 6.x before 6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 free tagging taxonomy terms, which are not properly handled on node preview pages, and 2 unspecified OpenID values...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Drupal 6.x before 6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 free tagging taxonomy terms, which are not properly handled on node preview pages, and 2 unspecified OpenID values...
CVE-2008-3218
Multiple cross-site scripting XSS vulnerabilities in Drupal 6.x before 6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 free tagging taxonomy terms, which are not properly handled on node preview pages, and 2 unspecified OpenID values...