Cross-site scripting (XSS) vulnerability in the Category Tokens module 6.x before 6.x-1.1 for Drupal allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML by editing or creating vocabulary names, which are not properly handled in token help.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2011-07-08T22:00:00
Updated: 2017-08-28T12:57:01
Reserved: 2011-07-08T00:00:00
Link: CVE-2010-4813
JSON object: View
NVD Information
Status : Modified
Published: 2011-07-08T22:55:00.960
Modified: 2017-08-29T01:29:04.113
Link: CVE-2010-4813
JSON object: View
Redhat Information
No data.
CWE