CVE-2006-3570 Information

Description

Cross-site scripting (XSS) vulnerability in the webform module in Drupal 4.6 before July 8 2006 and 4.7 before July 8 2006 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Reference

http://drupal.org/node/72846 http://secunia.com/advisories/21021 http://www.securityfocus.com/bid/18947 http://www.vupen.com/english/advisories/2006/2764 https://exchange.xforce.ibmcloud.com/vulnerabilities/27685