Download
| Alert*
The Drupal.checkPlain function in Drupal 6.0 only escapes the first instance of a character in ECMAScript, which allows remote attackers to conduct cross-site scripting (XSS) attacks. CVSS Score and Metrics +CVSS Score and Metrics -
|