XSS Vulnerability in Taxonomy Autotagger Module for Drupal
CVE-2008-3091

Currently unrated

Key Information:

Vendor: Drupal
Status: Taxonomy Autotagger Module
Vendor: CVE Published:; 9 July 2008

What is CVE-2008-3091?

The Taxonomy Autotagger module for Drupal prior to version 5.x-1.8 is susceptible to a Cross-Site Scripting (XSS) vulnerability. This flaw allows remote authenticated users, with the ability to create or edit posts, to inject arbitrary web scripts or HTML through unspecified vectors, potentially compromising the security of the site and its users. It is crucial for administrators to update to the recommended version to mitigate these security risks.

References

http://www.securityfocus.com/bid/30067

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/43570

vdb-entryx_refsource_XF

http://secunia.com/advisories/30933

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 9, 2008
Vulnerability Reserved
Jul 9, 2008