diff options
author | stas <stas@FreeBSD.org> | 2008-10-23 05:02:50 +0800 |
---|---|---|
committer | stas <stas@FreeBSD.org> | 2008-10-23 05:02:50 +0800 |
commit | 1d36027ae0d00c75538fedb0269d707f1b9b2810 (patch) | |
tree | 14ad49ef20df111471e3c543156eadc87b4f7cde /security | |
parent | d7a7f323b9283829c35c0665b9512b94f154e46c (diff) | |
download | freebsd-ports-graphics-1d36027ae0d00c75538fedb0269d707f1b9b2810.tar.gz freebsd-ports-graphics-1d36027ae0d00c75538fedb0269d707f1b9b2810.tar.zst freebsd-ports-graphics-1d36027ae0d00c75538fedb0269d707f1b9b2810.zip |
- Whitespace fix in last entry.
Diffstat (limited to 'security')
-rw-r--r-- | security/vuxml/vuln.xml | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 6c90ce42c46..0ac61665b25 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -42,7 +42,7 @@ Note: Please add new entries to the beginning of this file. <range><lt>5.12</lt></range> </package> <package> - <name>drupal6</name> + <name>drupal6</name> <range><lt>6.6</lt></range> </package> </affects> @@ -51,15 +51,15 @@ Note: Please add new entries to the beginning of this file. <p>The Drupal Project reports:</p> <blockquote cite="http://drupal.org/node/324824"> <p>On a server configured for IP-based virtual hosts, Drupal may be - caused to include and execute specifically named files outside - of its root directory. This bug affects both Drupal 5 and - Drupal 6.</p> - <p>The title of book pages is not always properly escaped, enabling - users with the "create book content" permission or the - permission to edit any node in the book hierarchy to insert - arbitrary HTML and script code into pages. Such a Cross site - scripting attack may lead to the attacker gaining administrator - access. This bug affects Drupal 6.</p> + caused to include and execute specifically named files outside + of its root directory. This bug affects both Drupal 5 and + Drupal 6.</p> + <p>The title of book pages is not always properly escaped, enabling + users with the "create book content" permission or the + permission to edit any node in the book hierarchy to insert + arbitrary HTML and script code into pages. Such a Cross site + scripting attack may lead to the attacker gaining administrator + access. This bug affects Drupal 6.</p> </blockquote> </body> </description> |