Home > Content Management, Cross Site Scripting, Remote Command Execution > Drupal Ubercart Module Script Insertion and Code Injection Vulnerabilities

Drupal Ubercart Module Script Insertion and Code Injection Vulnerabilities

April 30th, 2012

Application: Drupal
Affected Version: Ubercart 6.x-2.x. Drupal versions 6.x-2.x prior to 6.x-2.8 and versions 7.x-3.x prior to 7.x-3.1.
Vendor’s URL: Ubercart Module
Bug Type: Cross Site Scripting and code injection
Risk Level: Critical

Solution:
Update to version 6.x-2.8 or 7.x-3.1.

Content Management, Cross Site Scripting, Remote Command Execution

Comments are closed.