First published: Tue Jun 25 2013(Updated: )
Cross-site scripting (XSS) vulnerability in the MP3 Player module for Drupal 6.x allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the file name of a MP3 file.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Jordan De Laune Mp3 Player | <=6.x-1.1 | |
Jordan De Laune Mp3 Player | =6.x-1.0 | |
Jordan De Laune Mp3 Player | =6.x-1.0-beta1 | |
Drupal Drupal |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.