Description

Cross-site scripting (XSS) vulnerability in the output filter in Drupal 5.x before 5.10 and 6.x before 6.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2008-3740

Related Vulnerabilities

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-17531)

XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-32732)

WordPress 4.5.x Prototype Pollution (4.5 - 4.5.25)

WordPress Plugin WordPress Payments-GetPaid Cross-Site Scripting (2.3.3)

Moodle Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-5013)

Severity

Medium

Classification

CVE-2008-3740 CWE-707

Tags

Missing Update Known Vulnerabilities