Description

Cross-site scripting (XSS) vulnerability in common.inc in Drupal before 4.5.2 allows remote attackers to inject arbitrary web script or HTML via certain inputs.

Remediation

References

CVE-2005-0682

Related Vulnerabilities

Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13587)

Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11876)

WordPress Plugin Custom Global Variables Cross-Site Scripting (1.0.5)

WordPress Plugin Dropbox Folder Share Server-Side Request Forgery (1.9.7)

WordPress Plugin Blogstand Banner Cross-Site Scripting (1.0)

Severity

Medium

Classification

CVE-2005-0682

Tags

Missing Update Known Vulnerabilities