MidnightBSD

Advisories for alan_palazzolo

CVE-2010-2030 MEDIUM

Cross-site scripting (XSS) vulnerability in the External Link Page module 5.x before 5.x-1.0 and 6.x before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors related to the administration and redirect pages.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
alan_palazzolo external_link_page 6.x-1.0
alan_palazzolo external_link_page 5.x-0.8
alan_palazzolo external_link_page 6.x-1.1