CVE-2010-1530 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Internationalization module 6.x before 6.x-1.4 for Drupal allow remote authenticated users with translate interface or administer blocks privileges to inject arbitrary web script or HTML via (1) strings used in block translation or (2) the untranslated input.

Reference

http://drupal.org/node/764906 http://drupal.org/node/764998 http://osvdb.org/63589 http://secunia.com/advisories/39361 http://www.securityfocus.com/bid/39304