Drupal Webform Module HTML Injection and Information Disclosure Vulnerabilities

Bugtraq ID: 36708
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Oct 15 2009 12:00AM
Updated: Oct 19 2009 03:18PM
Credit: Justine Klein Keane and seattlehimay
Vulnerable: Drupal Webform Module 6.x-2.7
Drupal Webform Module 6.x-2.0-beta3
Drupal Webform Module 6.x-2.0-beta2
Drupal Webform Module 5.x-2.7
Drupal Webform Module 5.x-2.0-beta3
Drupal Webform Module 5.x-2.0-beta2
Drupal Webform Module 5.x-1.9
Drupal Webform Module 5.x-1.10
Drupal Webform 0
Not Vulnerable: Drupal Webform Module 6.x-2.8
Drupal Webform Module 5.x-2.8


 

Privacy Statement
Copyright 2010, SecurityFocus