CVE-2008-2998

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected products

• Drupal / aggregation_module3.0 – 3.0
• Drupal / aggregation_module3.1 – 3.1
• Drupal / aggregation_module3.2 – 3.2
• Drupal / aggregation_module4.0 – 4.0
• Drupal / aggregation_module4.1 – 4.1
• Drupal / aggregation_module4.2 – 4.2
• Drupal / aggregation_module4.3 – 4.3

References

• MISChttp://drupal.org/node/269479
• MISChttp://www.securityfocus.com/bid/29677
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/43008
• VENDOR_ADVISORYhttp://secunia.com/advisories/30618