CVE-2010-1303
N/A
N/A
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy Filter module 6.x before 6.x-1.1 for Drupal allow remote authenticated users, with administer taxonomy permissions or create node permissions when free tagging is enabled, to inject arbitrary web script or HTML via vocabulary (1) names, (2) terms, and (3) filter menus.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://drupal.org/node/622096
- http://drupal.org/node/758756
- http://www.osvdb.org/63425
- http://secunia.com/advisories/39220
- https://exchange.xforce.ibmcloud.com/vulnerabilities/57445
References
- http://drupal.org/node/622096
- http://drupal.org/node/758756
- http://www.osvdb.org/63425
- http://secunia.com/advisories/39220
- https://exchange.xforce.ibmcloud.com/vulnerabilities/57445
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.