Cross-site scripting (XSS) vulnerability in the External Link Page module 5.x before 5.x-1.0 and 6.x before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors related to the administration and redirect pages.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| alan_palazzolo | external_link_page | 6.x-1.0 |
| alan_palazzolo | external_link_page | 5.x-0.8 |
| alan_palazzolo | external_link_page | 6.x-1.1 |