drupal
Page content
- Author: Miklos Vajna
- Vulnerable: 5.20-1getorin1
- Unaffected: 5.21-1getorin1
A vulnerability has been reported in Drupal Core, which can be exploited by malicious users to conduct script insertion attacks. Input passed to the “Category” input field of the Contact module’s administration form is not properly sanitised before being displayed to the user.
- Bug Tracker URL: http://bugs.frugalware.org/task/4052