RSS   Vulnerabilities for 'Service links'   RSS

2009-10-09
 
CVE-2009-3648

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in Service Links 6.x-1.0, a module for Drupal, allows remote authenticated users, with 'administer content types' permissions, to inject arbitrary web script or HTML via unspecified vectors when displaying content type names.

 


Copyright 2023, cxsecurity.com

 

Back to Top