Drupal · Drupal · CVE-2010-2030
**Name of the Vulnerable Software and Affected Versions**
Drupal versions prior to 5.x-1.0
Drupal versions prior to 6.x-1.2
**Description**
A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is related to vectors involving administration and redirect pages.
**Recommendations**
For versions prior to 5.x-1.0, update to version 5.x-1.0 or later.
For versions prior to 6.x-1.2, update to version 6.x-1.2 or later.