CVE-2010-1303
Publication date 8 April 2010
Last updated 24 July 2024
Ubuntu priority
Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy Filter module 6.x before 6.x-1.1 for Drupal allow remote authenticated users, with administer taxonomy permissions or create node permissions when free tagging is enabled, to inject arbitrary web script or HTML via vocabulary (1) names, (2) terms, and (3) filter menus.
Status
Package | Ubuntu Release | Status |
---|---|---|
drupal6 | 9.10 karmic |
Not affected
|
9.04 jaunty |
Not affected
|
|
8.10 intrepid | Not in release | |
8.04 LTS hardy | Not in release | |
6.06 LTS dapper | Not in release |