Debian Security Advisory 1930 drupal6 – several vulnerabilities

36
Article Source Debian Security Advisories
November 6, 2009, 4:00 pm

Several vulnerabilities have been found in drupal6, a fully-featured content management framework. The Common Vulnerabilities and Exposures project identifies the following problems:

  • CVE-2009-2372

    Gerhard Killesreiter discovered a flaw in the way user signatures are handled. It is possible for a user to inject arbitrary code via a crafted user signature. (SA-CORE-2009-007)…