CVE-2010-1108

The CVE-2010-1108 issue affects the Drupal Control Panel module in versions 5.x up to 5.x-1.5 and 6.x up to 6.x-1.2, where an XSS vulnerability exists. The root cause is a cross-site scripting flaw that can be exploited by remote authenticated users who possess the "administer blocks" privilege t...