FreeBSD : drupal -- multiple vulnerabilities (6da7344b-128a-11db-b25f-00e00c69a70d)

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

The Drupal team reports :

Vulnerability: XSS Vulnerability in taxonomy module

It is possible for a malicious user to insert and execute XSS into
terms, due to lack of validation on output of the page title. The fix
wraps the display of terms in check_plain().

See also :

http://drupal.org/node/66767
http://www.nessus.org/u?e6307712

Solution :

Update the affected package.

Risk factor :

Low / CVSS Base Score : 2.6
(CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 22052 (freebsd_pkg_6da7344b128a11dbb25f00e00c69a70d.nasl)

Bugtraq ID:

CVE ID: CVE-2006-2833

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now