First published: Wed Sep 19 2012(Updated: )
Cross-site scripting (XSS) vulnerability in the Hierarchical Select module 6.x-3.x before 6.x-3.8 for Drupal allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML via unspecified vectors related to "the vocabulary's help text."
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Wim Leers Hierarchical Select | =6.x-3.0 | |
Wim Leers Hierarchical Select | =6.x-3.1 | |
Wim Leers Hierarchical Select | =6.x-3.2 | |
Wim Leers Hierarchical Select | =6.x-3.3 | |
Wim Leers Hierarchical Select | =6.x-3.4 | |
Wim Leers Hierarchical Select | =6.x-3.5 | |
Wim Leers Hierarchical Select | =6.x-3.6 | |
Wim Leers Hierarchical Select | =6.x-3.7 | |
Wim Leers Hierarchical Select | =6.x-3.x-dev | |
Drupal Drupal | ||
Wimleers Hierarchical Select | =6.x-3.0 | |
Wimleers Hierarchical Select | =6.x-3.1 | |
Wimleers Hierarchical Select | =6.x-3.x-dev |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.