Description

Cross-site scripting (XSS) vulnerability in the project module (project.module) in Drupal 4.5 and 4.6 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

Remediation

References

CVE-2006-2260

Related Vulnerabilities

WordPress Plugin BuddyPress Edit Activity Cross-Site Scripting (1.0.5)

Ampache Improper Authentication Vulnerability (CVE-2007-4438)

WordPress Plugin WP Content Copy Protection & No Right Click Security Bypass (3.1.4)

OpenSSL Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2008-0166)

WordPress Plugin MailChimp List Subscribe Form Multiple Unspecified Vulnerabilities (1.1)

Severity

Medium

Classification

CVE-2006-2260

Tags

Missing Update Known Vulnerabilities