CVE-2006-6386
CVE-2006-6386 is a Cross-site Scripting (XSS) vulnerability in Drupal’s CVS management/tracker components (4.7.x-1.0, 4.7.x-2.0, 4.7.0 before 20060807). The flaw allows remote attackers to inject arbitrary web script or HTML via the motivation field on the CVS application page, because the value ...