Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the Menu module (modules/menu/menu.admin.inc) in Drupal Core 6.x before 6.15 allows remote authenticated users with permissions to create new menus to inject arbitrary web script or HTML via a menu description, which is not properly handled in the menu administration overview.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal Core Menu模块跨站脚本漏洞
Vulnerability Description
Drupal是一个自由和开源的模块化框架和内容管理系统,用PHP语言写成。 Drupal Core中的Menu模块(modules/menu/menu.admin.inc)存在跨站脚本漏洞。具有创立新菜单许可的远程验证用户可以借助一个菜单描述注入任意web脚本或HTML,该漏洞在菜单管理中不能被正确处理。
CVSS Information
N/A
Vulnerability Type
N/A