Description
Cross-site scripting (XSS) vulnerability in user.module in Drupal 4.6 before 4.6.9, and 4.7 before 4.7.3, allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: portions of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Statistics SQL Injection (12.6.6.1)
MySQL Other Vulnerability (CVE-2005-2572)
WordPress Plugin Visitor Traffic Real Time Statistics Security Bypass (2.11)
Liferay Portal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-10795)
Oracle Database Server CVE-2019-2734 Vulnerability (CVE-2019-2734)