Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Interpretation conflict in Drupal 4.7.x before 4.7.11 and 5.x before 5.6, when Internet Explorer 6 is used, allows remote attackers to conduct cross-site scripting (XSS) attacks via invalid UTF-8 byte sequences, which are not processed as UTF-8 by Drupal's HTML filtering, but are processed as UTF-8 by Internet Explorer, effectively removing characters from the document and defeating the HTML protection mechanism.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal 多个远程漏洞
Vulnerability Description
Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。 当IE浏览器6在使用时,Drupal中存在解释冲突,没有充分的过滤IE中的UTF-8 程序,可能影响HTML保护机制的文档和节点删除等功能。远程攻击者可以借助无效的UTF-8 byte序列,执行跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A