CVE-2009-3206 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in the ImageCache module 5.x before 5.x-2.5 and 6.x before 6.x-2.0-beta10 a module for Drupal allow remote authenticated users with \administer imagecache\ permissions to inject arbitrary web script or HTML via unspecified vectors.

Reference

http://drupal.org/node/554084 http://secunia.com/advisories/36412 https://exchange.xforce.ibmcloud.com/vulnerabilities/52594