15 lines
666 B
Text
Executable file
15 lines
666 B
Text
Executable file
source: http://www.securityfocus.com/bid/38545/info
|
|
|
|
Drupal is prone to multiple vulnerabilities, including cross-site scripting issues, a phishing issue, and a security-bypass issue.
|
|
|
|
An attacker may leverage these issues to execute arbitrary code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, bypass security restrictions, or perform other attacks.
|
|
|
|
These issues affect the following:
|
|
|
|
Drupal 5.x prior to 5.22
|
|
Drupal 6.x prior to 6.16
|
|
|
|
The following example URI is available for the redirect issue:
|
|
|
|
http://www.example.com/drupal-6.16/index.php?q=http://www.example.net
|
|
|