Description
modules/openid/xrds.inc in Drupal 6.x before 6.33 and 7.x before 7.31 allows remote attackers to have unspecified impact via a crafted DOCTYPE declaration in an XRDS document.
Remediation
References
Related Vulnerabilities
Magento CVE-2019-7876 Vulnerability (CVE-2019-7876)
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0346)
concrete5 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-24986)
phpMyAdmin 7PK - Security Features Vulnerability (CVE-2016-2041)
WordPress Plugin MAC PHOTO GALLERY 'albid' Parameter Arbitrary File Disclosure (2.8)