CVE-2010-1984 Information

Description

Cross-site scripting (XSS) vulnerability in the Taxonomy Breadcrumb module 5.x before 5.x-1.5 and 6.x before 6.x-1.1 for Drupal allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML via the taxonomy term name in a Breadcrumb display.

Reference

http://drupal.org/node/757974 http://drupal.org/node/757980 http://drupal.org/node/758456 http://osvdb.org/63424 http://secunia.com/advisories/39138 https://exchange.xforce.ibmcloud.com/vulnerabilities/57446