Drupal Prior To 6.16 And 5.22 Multiple Security Vulnerabilities Network Vulnerability

Summary

Drupal is prone to multiple vulnerabilities, including cross-site scripting issues, a phishing issue, and a security-bypass issue. An attacker may leverage these issues to execute arbitrary code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, bypass security restrictions, or perform other attacks. These issues affect the following: Drupal 5.x prior to 5.22 Drupal 6.x prior to 6.16

Solution

Updates are available. Please see the references for details.

References

http://drupal.org
http://drupal.org/node/731710
http://www.securityfocus.com/bid/38545

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Adobe ColdFusion Unspecified Information Disclosure Vulnerability
Apache mod_proxy_ajp Information Disclosure Vulnerability
Ampache Reflected Cross Site Scripting Vulnerability
Adobe ColdFusion Multiple Full Path Disclosure Vulnerabilities
Apache OFBiz Multiple Cross Site Scripting Vulnerabilities

Drupal Prior to 6.16 and 5.22 Multiple Security Vulnerabilities

Take action and discover your vulnerabilities