Description

Cross-site scripting (XSS) vulnerability in common.inc in Drupal before 4.5.2 allows remote attackers to inject arbitrary web script or HTML via certain inputs.

Remediation

References

CVE-2005-0682

Related Vulnerabilities

WordPress Improper Authentication Vulnerability (CVE-2014-0166)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4300)

silverstripeCMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4824)

WordPress Plugin Media Library Categories Multiple Cross-Site Scripting Vulnerabilities (1.1.1)

WordPress Plugin Two Way CHAT-Send or receive messages to your user Multiple Vulnerabilities (3.1.4)

Severity

Medium

Classification

CVE-2005-0682

Tags

Missing Update Known Vulnerabilities