Back to search
CVE-2010-1303
Published: Apr 8, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy Filter module 6.x before 6.x-1.1 for Drupal allow remote authenticated users, with administer taxonomy permissions or create node permissions when free tagging is enabled, to inject arbitrary web script or HTML via vocabulary (1) names, (2) terms, and (3) filter menus.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://drupal.org/node/622096
x_refsource_CONFIRM
http://drupal.org/node/758756
x_refsource_CONFIRM
63425
vdb-entry
x_refsource_OSVDB
39220
third-party-advisory
x_refsource_SECUNIA
taxonomy-names-xss(57445)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now