Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Search Keywords module before 1.15 2006/09/15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "lack of validation on output."
References
Link | Resource |
---|---|
http://drupal.org/node/85050 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/20126 | Patch |
http://secunia.com/advisories/22021 | Vendor Advisory Patch |
http://www.vupen.com/english/advisories/2006/3715 | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/29063 |
Configurations
Configuration 1 (hide)
|
Information
Published : 2006-09-22 18:07
Updated : 2017-07-19 18:33
NVD link : CVE-2006-4947
Mitre link : CVE-2006-4947
JSON object : View
CWE
Products Affected
drupal
- search_keyword_module