OSVDB ID: 65611

Title: FileField Module for Drupal filepath Parameter XSS

Info

Disclosure

Jun 17, 2010

Discovery

Unknown

Dates

Exploit

Jun 17, 2010

Solution

Jun 17, 2010

Description

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Public
Disclosure: Vendor Verified, Vendor Verified, Coordinated Disclosure
OSVDB: Web Related

Solution

Upgrade to version 5.x-2.5 or 6.x-3.4 or higher, as they have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Unknown or Incomplete

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/65611