Cross-Site Scripting Vulnerability in Ajax Checklist Module for Drupal
CVE-2008-5999

Currently unrated

Key Information:

Vendor: Drupal
Status: Ajax Checklist
Vendor: CVE Published:; 28 January 2009

What is CVE-2008-5999?

The Ajax Checklist module for Drupal contains a cross-site scripting vulnerability that allows remote authenticated users, who possess create and edit permissions for posts, to inject arbitrary web scripts or HTML. This vulnerability arises from unspecified vectors that impact the ajax_checklist filter. It is essential for users and administrators to ensure that they are using the latest version of the module to mitigate potential risks.

References

http://secunia.com/advisories/32009

third-party-advisoryx_refsource_SECUNIA

http://drupal.org/node/312968

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/45412

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 28, 2009
Vulnerability Reserved
Jan 28, 2009