RSS   Vulnerabilities for 'Cck comment reference'   RSS

2009-04-20
 
CVE-2009-1342

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in the CCK comment reference module 6.x before 6.x-1.2, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via certain comment titles associated with a node edit form.

 

 >>> Vendor: Drupal 148 Products
Project
Shoutbox
Drupal
TALK
FAQ
E-publish
Workflow
Form mail module
Job search
Bibliography module
Recipe module
Drupal easylinks module
Drupal e-commerce module
Drupal pathauto module
Drupal pubcookie module
Drupal userreview module
Search keyword module
Site profile directory module
Extended tracker
Cvs management and tracker
Chatroom module
Help tip module
Drupal project
Drupal project issue tracking
Drupal mysite
Imce module
Project issue tracking module
Acidfree
Textimage
Secure site module
Audio module
Getid3
Mediafield module
Nodefamily
Openid
Database administration module
Print module
Forward module
Logintoboggan module
Content construction kit
Commons
Storm
Weblinks
Asin field module
E-commerce module
Fullname field for cck
Invite module
Node relativity module
Pathauto module
Paypal node module
Token module
Ubercart module
Feature module
Meta tags module
Bueditor
Atom module
Fileshare module
Archive module
Comment upload module
Userpoints module
Header image
Webform module
Internationalization
Localizer
Site documentation module
Node hierarchy module
Magic tabs module
Taxonomy image module
Trailscout module
Aggregation module
Taxonomy autotagger module
Organic groups module
Outline designer module
Tinytax taxonomy block module
Suggested terms module
Upload module
Mailsave
Mailhandler
Link to us
Brilliant gallery
Shindig-integrator
Node clone
Stock module
Ajax checklist
Views
Everyblog
Semantically interconnected online communities
Localization client
Localization server
User karma module
Comment mail
QUIZ
Views bulk operations
Link module
Protected node module
Taxonomy theme module
Tasklist
Plus1
Print
Feedapi mapper
See all Products for Vendor Drupal


Copyright 2024, cxsecurity.com

 

Back to Top