Article Source Debian Security Advisories
November 6, 2009, 4:00 pm
November 6, 2009, 4:00 pm
Several vulnerabilities have been found in drupal6, a fully-featured content management framework. The Common Vulnerabilities and Exposures project identifies the following problems:
- CVE-2009-2372
Gerhard Killesreiter discovered a flaw in the way user signatures are handled. It is possible for a user to inject arbitrary code via a crafted user signature. (SA-CORE-2009-007)…