Description

Cross-site scripting (XSS) vulnerability in the Recipe module (recipe.module) before 1.54 for Drupal 4.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2006-4120

Related Vulnerabilities

WordPress Plugin Dropshix Security Bypass (4.0.13)

WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.15)

WordPress Plugin Leaflet 'id' Parameter Cross-Site Scripting (0.0.1)

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-29450)

WordPress Plugin InstaWP Connect-1-click WP Staging & Migration Security Bypass (0.1.0.44)

Severity

Medium

Classification

CVE-2006-4120

Tags

Missing Update Known Vulnerabilities