Drupal Talk Module Script Insertion and Security Bypass

Published by TL Guan September 22nd, 2008 in Access Bypass, Content Management and Cross Site Scripting.

Application: Drupal
Affected Version: prior to 5.x-1.3 and prior to 6.x-1.5.
Vendor’s URL: Talk Module
Bug Type: Script Insertion and Security Bypass
Risk Level: Cross Site Scripting, Security Bypass

Solution:
Update to version 5.x-1.3 or 6.x-1.5.

Search

Entries RSS

Latest

Joomla Hotel Booking System Component Multiple SQLi
Drupal Views Module Unspecified SQLi
Joomla Live Chat Component “last” SQLi
MediaWiki Multiple Vulnerabilities
phpBB Account Re-activation Security Bypass
Moodle Unspecified Cross-Site Scripting
TWiki Cross-Site Scripting and Command Injection
XOOPS Script Insertion and Local File Inclusion
PunBB Cross-Site Scripting and SQLi
phpBB Tag Board Module “id” SQLi

Exabytes Security Portal

Categories

Drupal Talk Module Script Insertion and Security Bypass

Search

Subscribe

Latest

Archives