Drupal Prior To 6.16 And 5.22 Multiple Security Vulnerabilities Network Vulnerability

Summary

Drupal is prone to multiple vulnerabilities, including cross-site scripting issues, a phishing issue, and a security-bypass issue. An attacker may leverage these issues to execute arbitrary code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, bypass security restrictions, or perform other attacks. These issues affect the following: Drupal 5.x prior to 5.22 Drupal 6.x prior to 6.16

Solution

Updates are available. Please see the references for details.

References

http://drupal.org
http://drupal.org/node/731710
http://www.securityfocus.com/bid/38545

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

APC PowerChute Network Shutdown 'security/applet' Cross Site Scripting Vulnerability
Apache Tiles Multiple XSS Vulnerability
Ampache Reflected Cross Site Scripting Vulnerability
Apache Solr Directory Traversal Vulnerability Jan-14
Advanced Image Hosting Cross Site Scripting Vulnerability

Drupal Prior to 6.16 and 5.22 Multiple Security Vulnerabilities

Take action and discover your vulnerabilities