CVE-2010-1303

Publication date 8 April 2010

Last updated 24 July 2024


Ubuntu priority

Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy Filter module 6.x before 6.x-1.1 for Drupal allow remote authenticated users, with administer taxonomy permissions or create node permissions when free tagging is enabled, to inject arbitrary web script or HTML via vocabulary (1) names, (2) terms, and (3) filter menus.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
drupal6 9.10 karmic
Not affected
9.04 jaunty
Not affected
8.10 intrepid Not in release
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release