----------------------------------------------------------------------

TITLE:
Drupal Token Module Script Insertion Vulnerability

SECUNIA ADVISORY ID:
SA27291

VERIFY ADVISORY:
http://secunia.com/advisories/27291/

CRITICAL:
Less critical

IMPACT:
Cross Site Scripting

WHERE:
From remote

SOFTWARE:
Token 4.x (module for Drupal)
http://secunia.com/product/16200/
Token 5.x (module for Drupal)
http://secunia.com/product/16201/

DESCRIPTION:
Greg Knaddison has reported a vulnerability in the Token module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

Input passed to unspecified parameters dealing with comments, vocabulary names, term names, and usernames is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which is executed in a user's browser session in the context of an affected site when the malicious data is viewed.

Successful exploitation requires valid user credentials.

NOTE: The following modules are affected by this issue due to their use of the Token module: ASIN Field Module, e-Commerce Module, Fullname field for CCK Module, Invite Module, Node Relativity Module, Pathauto Module, PayPal Node Module, and Ubercart Module.

The vulnerability is reported in the 4.7.x branch before 4.7.x-1.5 and the 5.x branch before 5.x-1.9.

SOLUTION:
Update to Token module version 4.7.x-1.5 or 5.x-1.9 and to the latest versions of the affected modules (see the vendor's advisory for details).

PROVIDED AND/OR DISCOVERED BY:
Greg Knaddison a.k.a. greggles, Drupal security team

ORIGINAL ADVISORY:
http://drupal.org/node/184336

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help everybody keep their systems up to date against the latest vulnerabilities.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

----------------------------------------------------------------------
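As an added illustration of the defect class named in the DESCRIPTION above (this is not code from the Token module, the affected modules or the advisory), a minimal placeholder-replacement routine in its unsanitised form beside one that escapes values at the point of substitution; the function names, the [name] placeholder syntax and the sample values are assumptions chosen for the example:

```php
<?php
// Added example, not Token module code. Placeholder syntax "[name]" and the
// function names are assumptions for illustration.

// Unsafe variant: user-controlled values (usernames, term names, comments) are
// copied into the output verbatim, so any markup in them reaches the browser.
function replace_tokens_unsafe(string $text, array $values): string {
    foreach ($values as $name => $value) {
        $text = str_replace("[$name]", $value, $text);
    }
    return $text;
}

// Sanitising variant: each value is HTML-encoded before substitution, which is
// what Drupal's check_plain() does (it wraps htmlspecialchars). Metacharacters
// are shown as text instead of being parsed as tags or attributes.
function replace_tokens_safe(string $text, array $values): string {
    foreach ($values as $name => $value) {
        $escaped = htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
        $text = str_replace("[$name]", $escaped, $text);
    }
    return $text;
}

// Constructed sample input: a template using two placeholders, and values a
// registered user could supply through a profile or taxonomy form.
$template = 'Welcome, [user-name]! New in [term-name].';
$values = [
    'user-name' => '<i>eve</i>',
    'term-name' => 'news & events',
];

// The first line keeps the <i> tags intact, so the browser interprets them;
// the second encodes "<", ">" and "&", so the same bytes render as literal text.
echo replace_tokens_unsafe($template, $values), "\n";
echo replace_tokens_safe($template, $values), "\n";
```

The same pattern applies to every field the advisory lists: the value is escaped once, at the point where it is placed into HTML, rather than trusted because it passed through an earlier form validation.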