CVE

CVE-2010-2250

admin

CVE-2010-2250

Drupal 6.x before 6.16 uses a user-supplied value in output during site installation which could allow an attacker to craft a URL and perform a cross-site scripting attack.

Source: CVE-2010-2250

Exit mobile version