Cross-site scripting (XSS) vulnerability in the Greg Holsclaw Link to Us module 5.x before 5.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via the "Link page header" field.
Software | From | Fixed in |
---|---|---|
drupal / link_to_us | - | 5.x-1.0.x |
drupal / link_to_us | 5.x-1.x-dev | 5.x-1.x-dev.x |