PT-2006-3227 · Drupal · Drupal

Dries

Published

2006-05-09

Updated

2017-07-20

CVE-2006-2260

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Drupal versions 4.5 through 4.6

Description A cross-site scripting (XSS) issue exists in the project module, allowing remote attackers to inject arbitrary web script or HTML. The exact attack vectors are not specified.

Recommendations For versions 4.5 and 4.6, update to a newer version to mitigate the risk, as these versions are affected by the XSS vulnerability in the project module.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-2260

Affected Products

Drupal

PT-2006-3227 · Drupal · Drupal

CVE-2006-2260

Related Identifiers

Affected Products

References · 7