Upstream information
Description
Cross-site scripting (XSS) vulnerability in the administrative page interface in Taxonomy manager 5.x before 5.x-1.2 and 6.x before 6.x-1.1, a module for Drupal, allows remote authenticated users, with administer taxonomy privileges or the ability to use free tagging to add taxonomy terms, to inject arbitrary web script or HTML via (1) vocabulary names, (2) synonyms, and (3) term names.SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.
NVD | |
---|---|
Base Score | 3.5 |
Vector | AV:N/AC:M/Au:S/C:N/I:P/A:N |
Access Vector | Network |
Access Complexity | Medium |
Authentication | Single |
Confidentiality Impact | None |
Integrity Impact | Partial |
Availability Impact | None |
SUSE Timeline for this CVE
CVE page created: Tue Jul 9 16:42:46 2013CVE page last modified: Mon Sep 9 17:08:48 2024