|
|
| |
|
| |
drupal: multiple vulnerabilities
| Package(s): | drupal |
CVE #(s): | CVE-2008-3661
|
| Created: | May 4, 2009 |
Updated: | May 6, 2009 |
| Description: |
From the Drupal advisory:
Certain byte sequences that are valid in the UTF-8 specification are potentially dangerous when interpreted as UTF-7. Internet Explorer 6 and 7 may decode these characters as UTF-7 if they appear before the tag that specifies the page content as UTF-8, despite the fact that Drupal also sends a real HTTP header specifying the content as UTF-8. This behaviour enables malicious users to insert and execute Javascript in the context of the website if site visitors are allowed to post content.
In addition, Drupal core also has a very limited information disclosure vulnerability under very specific conditions. If a user is tricked into visiting the site via a specially crafted URL and then submits a form (such as the search box) from that page, the information in their form submission may be directed to a third-party site determined by the URL and thus disclosed to the third party. The third party site may then execute a CSRF attack against the submitted form. |
| Alerts: |
|
( Log in to post comments)
|
|
|