FreeBSD : drupal -- multiple XSS vulnerabilities (b2383758-5f15-11db-ae08-0008743bf21a)

High | Nessus Plugin ID 22888

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

The Drupal Team reports:

A bug in input validation and lack of output validation allows HTML and script insertion on several pages.

Drupal's XML parser passes unescaped data to watchdog under certain circumstances. A malicious user may execute an XSS attack via a specially crafted RSS feed. This vulnerability exists on systems that do not use PHP's mb_string extension (to check if mb_string is being used, navigate to admin/settings and look under 'String handling').
Disabling the aggregator module provides an immediate workaround.

The aggregator module, profile module, and forum module do not properly escape output of certain fields.

Note: XSS attacks may lead to administrator access if certain conditions are met.
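The following Python script is an added illustration, not part of the Nessus plugin text and not Drupal's own code. It shows the mechanism behind the crafted-feed issue described above: an XML parser correctly decodes entity-escaped feed content, so an item title that arrives in the feed as "&lt;script&gt;" comes out of the parser as a literal script tag. If that string is then written into a log entry or page without being HTML-escaped a second time, the script runs in the browser of whoever views it, typically the administrator reading the log. The sample feed, the function names and the log-entry format are constructed for the example; the mb_string dependency noted in the advisory is not modelled.

```python
import html
import xml.etree.ElementTree as ET

# Constructed sample feed (not taken from the advisory). The item title
# is entity-escaped, which is valid XML and will pass any feed validator.
CRAFTED_FEED = """<?xml version="1.0"?>
<rss version="2.0"><channel>
  <title>Example feed</title>
  <item>
    <title>Hello &lt;script&gt;alert(document.cookie)&lt;/script&gt;</title>
    <link>http://example.invalid/1</link>
  </item>
  <item>
    <title>Plain title</title>
    <link>http://example.invalid/2</link>
  </item>
</channel></rss>"""


def parse_item_titles(feed_xml: str) -> list[str]:
    """Return the <item> titles as the XML parser hands them back.

    The parser decodes &lt; and &gt;, so the returned strings contain
    raw markup; that is correct parser behaviour, not a bug.
    """
    root = ET.fromstring(feed_xml)
    return [item.findtext("title") or "" for item in root.iter("item")]


def render_log_entry_unsafe(title: str) -> str:
    """Hypothetical log view that drops the parsed title straight into HTML.

    This is the pattern the advisory describes: unescaped data reaches a
    page that an administrator will look at.
    """
    return f"<li>Feed item added: {title}</li>"


def render_log_entry_safe(title: str) -> str:
    """Same log view with the title HTML-escaped on output.

    Escaping on output is the fix: the parser's decoded text is treated as
    data, so the browser shows the tag as text instead of executing it.
    """
    return f"<li>Feed item added: {html.escape(title, quote=True)}</li>"


def suspicious_titles(feed_xml: str) -> list[str]:
    """Flag parsed titles that carry markup characters.

    Useful as a review check on stored feed data, but not a substitute for
    output escaping: any feed field that reaches HTML must be escaped.
    """
    return [t for t in parse_item_titles(feed_xml) if "<" in t or ">" in t]


if __name__ == "__main__":
    for title in parse_item_titles(CRAFTED_FEED):
        print("UNSAFE:", render_log_entry_unsafe(title))
        print("SAFE:  ", render_log_entry_safe(title))
    print("Flagged:", suspicious_titles(CRAFTED_FEED))
```

Running the script prints the first item twice: once with a live <script> element inside the list item, once with the tag rendered as text. The point to take from it is that the escaping the feed author did on the wire is consumed by the XML parser; the application must escape again at the point where the text becomes HTML.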

Solution

Update the affected package.

See Also

http://drupal.org/files/sa-2006-024/advisory.txt

http://www.nessus.org/u?1e402805

http://www.nessus.org/u?ccec35c3

Plugin Details

Severity: High

ID: 22888

File Name: freebsd_pkg_b23837585f1511dbae080008743bf21a.nasl

Version: 1.13

Type: local

Published: 10/20/2006

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:drupal, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 10/18/2006

Vulnerability Publication Date: 10/18/2006