PT-2009-1885 · Drupal · Drupal Answers

Justin Klein Keane

Publicado

2009-03-06

Atualizado

2017-08-17

CVE-2008-6413

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: Drupal Answers module versions 5.x-1.x-dev and possibly other 5.x versions

Description: A cross-site scripting issue exists, allowing remote attackers to inject arbitrary web script or HTML via a Simple Answer to a question.

Recommendations: For versions 5.x-1.x-dev and other affected 5.x versions, update to a version that includes a fix for this issue.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2008-6413

Drupal Answers