Description
A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display.
Remediation
References
Related Vulnerabilities
WordPress Plugin GeSHi Source Colorer Cross-Site Scripting (0.13)
Magento Improper Authorization Vulnerability (CVE-2021-21026)
Beego Framework Improper Certificate Validation Vulnerability (CVE-2024-40464)
Liferay Portal Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5327)
WordPress Plugin Contact Form by BestWebSoft Cross-Site Scripting (3.34)