ID CVE-2010-2250
Summary Drupal 6.x before 6.16 uses a user-supplied value in output during site installation which could allow an attacker to craft a URL and perform a cross-site scripting attack.
References
Vulnerable Configurations
CVSS
Base: 5.0
Impact:
Exploitability:
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
assigner via4 cve@mitre.org
vulnerable_product via4
    Last major update 07-11-2019 - 18:31
    Published 07-11-2019 - 18:15
    Last modified 07-11-2019 - 18:31
    Back to Top