A Cross-Site Scripting (XSS) vulnerability in the Forum module in Drupal 6.x (proir to version 6.13) allows remote attackers to inject arbitrary web scripts or HTML by requesting a specially crafted tid.
The vulnerability is present only if the Forum module is activated, this is not the default configuration but the module is shipped by default with Drupal.
The vulnerability is present only if the Forum module is activated, this is not the default configuration but the module is shipped by default with Drupal.
CVE Link
Exploit Type - Old
Exploits/Cross Site Scripting (XSS)/Known Vulnerabilities
Exploit Type
Product Name