Red Hat Bugzilla – Bug 435814
CVE-2008-1131,CVE-2008-1133 drupal new release fixes XSS issue
Last modified: 2008-03-05 11:25:26 EST
Titles are not escaped prior to being displayed on content edit forms, allowing
users to inject arbitrary HTML and script code into these pages.
The Drupal.checkPlain function, used to escape text in ECMAScript, contains a
bug which causes it to escape only the first instance of a character, allowing
users to inject arbitrary HTML and script code in certain pages.
CVE name requested for this.
SA-2008-018 addressed in rawhide by 6.1, not present in 5.x branch for F-7 and F-8.
Cross-site scripting (XSS) vulnerability in Drupal 6.0 allows remote
authenticated users to inject arbitrary web script or HTML via titles
in content edit forms.
The Drupal.checkPlain function in Drupal 6.0 only escapes the first
instance of a character in ECMAScript, which allows remote attackers
to conduct cross-site scripting (XSS) attacks.