Closed Bug 496284 Opened 16 years ago Closed 16 years ago

Vulnerability in the Webform module.

Categories

(Websites Graveyard :: spreadfirefox.com, defect)

x86
macOS
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 496182

People

(Reporter: paul, Unassigned)

Details

Can we take the disabled Webform module out of SVN and update stage / production so that we can't enable a module that is a critical security risk?

* Advisory ID: DRUPAL-SA-CONTRIB-2009-032
* Project: Webform (third-party module)
* Versions: 5.x, 6.x
* Date: 2009-June-03
* Security risk: Moderately critical
* Exploitable from: Remote
* Vulnerability: Cross-site scripting

-------- DESCRIPTION ---------------------------------------------------------

The Webform module provides a node type which is typically used to enable site visitors to fill in questionnaires, contact or request/registration forms, surveys, polls, or other forms on a Drupal site.

When displaying the results of Webform submissions, the module does not properly filter user entered data, leading to a cross-site scripting [1] (XSS) vulnerability on sites with a specific configuration of input formats that would normally be safe. Such an attack carried out against a sufficiently privileged user may lead a malicious user to gain administrator access to the site.

-------- VERSIONS AFFECTED ---------------------------------------------------

* Versions of Webform for Drupal 5.x prior to 5.x-2.7
* Versions of Webform for Drupal 6.x prior to 6.x-2.7

Drupal core is not affected. If you do not use the contributed Webform module, there is nothing you need to do.

-------- SOLUTION ------------------------------------------------------------

Install the latest version:

* If you use Webform for Drupal 5.x, upgrade to Webform 5.x-2.7 [2].
* If you use Webform for Drupal 6.x, upgrade to Webform 6.x-2.7 [3].

See also the Webform project page [4].

-------- REPORTED BY ---------------------------------------------------------

David Rothstein [5]

-------- FIXED BY ------------------------------------------------------------

Nathan Haug (quicksketch [6]), and David Rothstein [7] of the Drupal Security Team [8]
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → DUPLICATE
Product: Websites → Websites Graveyard