Fedora 11 Security Update: drupal-6.15-1.fc11

Article Source Fedora 11 Security Updates
December 17, 2009, 7:19 pm
The Contact module does not correctly handle certain user input when
displaying category information. Users privileged to create contact
categories can insert arbitrary HTML and script code into the contact module
administration page. Such a cross-site scripting attack may lead to the
malicious user gaining administrative access. Wikipedia has more information
about cross-site scripting [1] (XSS). This issue affects Drupal 6.x and
Drupal 5.x...


Subscribe to Comments Feed

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board