CVE-2010-2250

Publication date

2019-11-07 17:49:32

Family

redhat

State

PUBLISHED

Description

Drupal 5.x and 6.x before 6.16 uses a user-supplied value in output during site installation which could allow an attacker to craft a URL and perform a cross-site scripting attack.