Drupal Webform Module Cross Site Scripting and Arbitrary File Upload Vulnerabilities

Bugtraq ID: 47915
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: May 19 2011 12:00AM
Updated: May 19 2011 12:00AM
Credit: Justin Klein Keane of the Drupal Security Team
Vulnerable: Drupal Webform 7.x-3.9
Drupal Webform 6.x-3.9
Drupal Webform 6.x-2.10
Not Vulnerable: Drupal Webform 7.x-3.11
Drupal Webform 7.x-3.10
Drupal Webform 6.x-3.11
Drupal Webform 6.x-3.10


 

Privacy Statement
Copyright 2010, SecurityFocus