Description
The private filesystem in Drupal 5.x before 5.10 and 6.x before 6.4 trusts the MIME type sent by a web browser, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks by uploading files containing arbitrary web script or HTML.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Hotel Booking Remote Code Execution (1.10.2)
WordPress Plugin Events Shortcodes For The Events Calendar Cross-Site Scripting (1.7.1)
PHP Improper Input Validation Vulnerability (CVE-2009-3291)
WordPress Plugin Social Auto Poster-WordPress Scheduler & Marketing Arbitrary File Upload (5.3.14)
WordPress Plugin WordPress Alipay/Tenpay/PayPal Cross-Site Scripting (3.6.0)