Cross-Site Scripting Vulnerability in Drupal Token Module
CVE-2007-5621

Currently unrated

Key Information:

Vendor

Drupal
Status
Invite Module
Token Module
Drupal
Paypal Node Module
Vendor
CVE Published:
22 October 2007

What is CVE-2007-5621?

The Token module for Drupal contains multiple cross-site scripting (XSS) vulnerabilities that could allow remote authenticated users with the post comments privilege to inject arbitrary web scripts or HTML. This can be exploited through various vectors related to comments, vocabulary names, term names, and usernames, impacting the security of the site and potentially exposing sensitive user information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://osvdb.org/38073
vdb-entryx_refsource_OSVDB
https://exchange.xforce.ibmcloud.com/vulnerabilities/37275
vdb-entryx_refsource_XF
http://drupal.org/node/184336
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.