Drupal FileField Multiple HTML Injection Vulnerabilities

Bugtraq ID: 40923
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Jun 17 2010 12:00AM
Updated: Jun 17 2010 12:00AM
Credit: Peter Wolanin of the Drupal security team and Justin Klein Keane
Vulnerable: Drupal FileField 6.x-3.3
Drupal FileField 6.x-3.2
Drupal FileField 6.x-3.1
Drupal FileField 5.x-2.4
Drupal FileField 5.x-2.3
Not Vulnerable: Drupal FileField 6.x-3.4
Drupal FileField 5.x-2.5


 

Privacy Statement
Copyright 2010, SecurityFocus