CVE-2010-1303 Information
Share on:
Feb 14, 2021
cve
Description
Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy Filter module 6.x before 6.x-1.1 for Drupal allow remote authenticated users with administer taxonomy permissions or create node permissions when free tagging is enabled to inject arbitrary web script or HTML via vocabulary (1) names (2) terms and (3) filter menus.
Reference
http://drupal.org/node/622096 http://drupal.org/node/758756 http://secunia.com/advisories/39220 http://www.osvdb.org/63425 https://exchange.xforce.ibmcloud.com/vulnerabilities/57445