EUVD-2009-4013

Malware in sbrugna...

CVE-2009-4042

Cross-site scripting XSS vulnerability in the RootCandy theme 6.x before 6.x-1.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via the URI...

Cross site scripting

Cross-site scripting XSS vulnerability in the RootCandy theme 6.x before 6.x-1.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via the URI...

CVE-2009-4042

The CVE-2009-4042 entry describes a cross-site scripting (XSS) vulnerability in the Drupal RootCandy theme, versions 6.x prior to 6.x-1.5. The root cause is insufficient sanitization of the URI, allowing remote attackers to inject arbitrary web script or HTML. Affected software: RootCandy theme 6...

CVE-2009-4042

Cross-site scripting XSS vulnerability in the RootCandy theme 6.x before 6.x-1.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via the URI...

SA-CONTRIB-2009-099 - RootCandy Theme - Cross Site Scripting

RootCandy is a theme specifically designed for use in the administration section. The theme fails to sanitize a URL value, leading to a Cross Site Scripting XSS vulnerability. Versions affected RootCandy theme for Drupal 6.x prior to RootCandy 6.x-1.5 Drupal core is not affected. If you do not us...