EUVD-2010-1390

Malware in sbrugna...

CVE-2010-1362

Cross-site scripting XSS vulnerability in the Own Term module 6.x-1.0 for Drupal allows remote authenticated users, with "create additional terms" privileges, to inject arbitrary web script or HTML via the term description field in a term listing page...

Cross site scripting

Cross-site scripting XSS vulnerability in the Own Term module 6.x-1.0 for Drupal allows remote authenticated users, with "create additional terms" privileges, to inject arbitrary web script or HTML via the term description field in a term listing page...

CVE-2010-1362

Cross-site scripting XSS vulnerability in the Own Term module 6.x-1.0 for Drupal allows remote authenticated users, with "create additional terms" privileges, to inject arbitrary web script or HTML via the term description field in a term listing page...

CVE-2010-1362

Cross-site scripting XSS vulnerability in the Own Term module 6.x-1.0 for Drupal allows remote authenticated users, with "create additional terms" privileges, to inject arbitrary web script or HTML via the term description field in a term listing page...

CVE-2010-1362

CVE-2010-1362 is an XSS vulnerability in the Drupal Own Term module 6.x-1.0. Remote authenticated users with "create additional terms" privileges can inject arbitrary script or HTML via the term description field on a term listing page. Impact is partial on integrity (XSS) with no confidentiality...

SA-CONTRIB-2010-005 - Own Term - Cross site scripting

The Own Term module allows users to create taxonomy terms in a designated vocabulary and when creating content this term is automatically added to the node. The module does not sanitize the term description on a term listing page which opens a cross-site scripting XSS attack. Users with a role...