Cross-Site Scripting Vulnerability in Drupal Project Issue Tracking Module
CVE-2008-0576

Currently unrated

Key Information:

Vendor: Drupal
Status: Project Issue Tracking Module
Vendor: CVE Published:; 5 February 2008

Summary

The Project Issue Tracking module for Drupal contains a cross-site scripting vulnerability that allows remote authenticated users to inject arbitrary web scripts or HTML. This vulnerability can be exploited through unspecified vectors that interact with summary table pages, potentially leading to unauthorized access or manipulation of site content.

References

http://drupal.org/node/216062

x_refsource_CONFIRM

http://www.vupen.com/english/advisories/2008/0376/references

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/28731

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Feb 5, 2008
Vulnerability Reserved
Feb 4, 2008