CVE-2008-3741 (Drupal) |
|
| BugsAlert Home > CVE-2008-3741 (Drupal) | |
|
The private filesystem in Drupal 5.x before 5.10 and 6.x before 6.4 trusts the MIME type sent by a web browser, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks by uploading files containing arbitrary web script or HTML. Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3741 Learn more about CVE-2008-3741 (Drupal) |
|
| Tags: cve-2008-3741 drupal | |
Related Items |
|
|
CVE-2008-2199 (kmita_mail)
|
|
|
CVE-2008-0657 (JRE, JDK)
|
|
|
JS_AGENT.OEZ
|
|
|
Half of businesses unaware if staff are running virtual desktops, Sophos poll reveals
|
|
|
FrSIRT - rPath Linux Security Update Fixes "allowpull" Permission Weakness
|
|
|
A Secure Nagios Server
|
|
|
CVE-2008-4632 (kure)
|
|
