CVE-2008-5999

Name of the Vulnerable Software and Affected Versions Ajax Checklist module versions prior to 5.x-1.1 for Drupal

Description The issue allows remote authenticated users with create and edit permissions for posts to inject arbitrary web script or HTML. This is achieved via unspecified vectors involving the ajax checklist filter.

Recommendations For versions prior to 5.x-1.1, update to version 5.x-1.1 or later to resolve the issue.