drupal6-views

2011-02-06

Page content

Author: Miklos Vajna
Vulnerable: 6.x_2.11-1
Unaffected: 6.x_2.12-1haven1

Multiple vulnerabilities have been reported in the Views module for Drupal, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.

Bug Tracker URL: http://bugs.frugalware.org/task/4390

CVEs:

No CVE references, see
http://drupal.org/node/999380.