CVE-2010-4520

Name of the Vulnerable Software and Affected Versions Drupal Views module version 6.x before 6.x-2.11

Description The issue allows remote attackers to inject arbitrary web script or HTML via (1) a URL or (2) an aggregator feed title, potentially leading to cross-site scripting (XSS) attacks.

Recommendations For versions prior to 6.x-2.11, update to version 6.x-2.11 or later to resolve the issue.