WEB APPLICATION VULNERABILITIES Standard & Premium

Drupal Other Vulnerability (CVE-2006-4002)

Description

Cross-site scripting (XSS) vulnerability in user.module in Drupal 4.6 before 4.6.9, and 4.7 before 4.7.3, allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: portions of these details are obtained from third party information.

Remediation

References

Related Vulnerabilities

WordPress Plugin AdButler Unspecified Vulnerability (1.09)

WordPress Plugin Permalink Manager Lite Cross-Site Scripting (2.2.14)

Lodash Other Vulnerability (CVE-2019-10744)

ownCloud Improper Input Validation Vulnerability (CVE-2012-5610)

Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-8093)

Severity

Medium

Classification

CVE-2006-4002

Tags

Missing Update Known Vulnerabilities