Drupal DRUPAL-SA-CORE-2010-002 Multiple Remote Vulnerabilities

Drupal is prone to multiple remote vulnerabilities, including multiple security-bypass vulnerabilities and an HTML-injection vulnerability.

An attacker can exploit this issue to gain unauthorized access to the affected application, gain access to sensitive information, execute arbitrary script code, steal cookie-based authentication credentials. Other attacks are also possible.

The following versions are affected:

5.x prior to 5.23
6.x prior to 6.18


 

Privacy Statement
Copyright 2010, SecurityFocus