Cross-site scripting (XSS) vulnerability in the Currency Exchange module before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to watchdog logging.
Software | From | Fixed in |
---|---|---|
2bits / currency | - | 6.x-1.1.x |
2bits / currency | 4.7.x-1.x-dev | 4.7.x-1.x-dev.x |
2bits / currency | 5.x-1.0 | 5.x-1.0.x |
2bits / currency | 5.x-1.1 | 5.x-1.1.x |
2bits / currency | 5.x-1.1-beta1 | 5.x-1.1-beta1.x |
2bits / currency | 5.x-1.2 | 5.x-1.2.x |
2bits / currency | 5.x-1.3 | 5.x-1.3.x |
2bits / currency | 5.x-1.x-dev | 5.x-1.x-dev.x |
2bits / currency | 6.x-1.0 | 6.x-1.0.x |
2bits / currency | 6.x-1.x-dev | 6.x-1.x-dev.x |