CVE-2010-1358 Information

Description

Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users with \administer biblio\ privileges to inject arbitrary web script or HTML via unspecified vectors.

Reference

http://drupal.org/node/683786 http://secunia.com/advisories/38207 http://www.securityfocus.com/bid/37804