• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

Yves Chedemois

CVE-2008-6972

February 26, 2023 by

Multiple cross-site scripting (XSS) vulnerabilities in Drupal Content Construction Kit (CCK) 5.x through 5.x-1.8 allow remote authenticated users with “administer content” permissions to inject arbitrary web script or HTML via the (1) “field label,” (2) “help text,” or (3) “allowed values” settings.

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE