Date: Fri, 23 Sep 2011 11:22:48 -0400 (EDT) From: Josh Bressers <bressers@...hat.com> To: oss-security@...ts.openwall.com Cc: Drupal Security Team <security@...pal.org> Subject: Re: CVE Request -- drupal6-views_bulk_operations: XSS due improper escaping of a vocabulary help (SA-CONTRIB-2011-042) ----- Original Message ----- > Hello Josh, Steve, vendors, > > it was found in the way Drupal Views Builk Operations (VBO) module did > not escape the vocabulary help properly, when the vocabulary has had user > tagging enabled and "Modify node taxonomy terms" action was used for > modification of the taxonomy. A remote attacker could provide a > specially-crafted URL, which once visited by unsuspecting Drupal user, > disposing with the 'administer taxonomy' permission / privilege, could > lead to arbitrary HTML or web script execution (cross-site scripting > [XSS] attack). > > References: >  http://drupal.org/node/1286844 >  http://secunia.com/advisories/46114/ >  https://bugzilla.redhat.com/show_bug.cgi?id=740553 > > Upstream solution: > > Upgrage to 6.x-1.11: >  http://drupal.org/node/1286778 > > Could you allocate a CVE id for this? > Please use CVE-2011-3373. Thanks. -- JB
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ