CVE-2011-3373

CVE-2011-3373

Drupal Views Builk Operations (VBO) module 6.x-1.0 through 6.x-1.10 does not properly escape the vocabulary help when the vocabulary has had user tagging enabled and the "Modify node taxonomy terms" action is used. A remote attacker could provide a specially-crafted URL that could lead to cross-site scripting (XSS) attack.

Source: CVE-2011-3373

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다