2009-10-09 14:18:00
mitre
PUBLISHED
Cross-site scripting (XSS) vulnerability in Service Links 6.x-1.0, a module for Drupal, allows remote authenticated users, with administer content types permissions, to inject arbitrary web script or HTML via unspecified vectors when displaying content type names.