Description
Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and 6.x before 6.6 allows remote authenticated users with create book content or edit node book hierarchy permissions to inject arbitrary web script or HTML via the book page title.
Remediation
References
Related Vulnerabilities
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-10968)
MySQL CVE-2018-2591 Vulnerability (CVE-2018-2591)
WordPress Plugin CF7 Manual Spam Blocker Privilege Escalation (1.0)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4898)
WordPress Plugin WordPress renaming tool by Vlajo Arbitrary File Download (1.0)