aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorstas <stas@FreeBSD.org>2008-10-23 05:02:50 +0800
committerstas <stas@FreeBSD.org>2008-10-23 05:02:50 +0800
commit1d36027ae0d00c75538fedb0269d707f1b9b2810 (patch)
tree14ad49ef20df111471e3c543156eadc87b4f7cde /security
parentd7a7f323b9283829c35c0665b9512b94f154e46c (diff)
downloadfreebsd-ports-graphics-1d36027ae0d00c75538fedb0269d707f1b9b2810.tar.gz
freebsd-ports-graphics-1d36027ae0d00c75538fedb0269d707f1b9b2810.tar.zst
freebsd-ports-graphics-1d36027ae0d00c75538fedb0269d707f1b9b2810.zip
- Whitespace fix in last entry.
Diffstat (limited to 'security')
-rw-r--r--security/vuxml/vuln.xml20
1 files changed, 10 insertions, 10 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 6c90ce42c46..0ac61665b25 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -42,7 +42,7 @@ Note: Please add new entries to the beginning of this file.
<range><lt>5.12</lt></range>
</package>
<package>
- <name>drupal6</name>
+ <name>drupal6</name>
<range><lt>6.6</lt></range>
</package>
</affects>
@@ -51,15 +51,15 @@ Note: Please add new entries to the beginning of this file.
<p>The Drupal Project reports:</p>
<blockquote cite="http://drupal.org/node/324824">
<p>On a server configured for IP-based virtual hosts, Drupal may be
- caused to include and execute specifically named files outside
- of its root directory. This bug affects both Drupal 5 and
- Drupal 6.</p>
- <p>The title of book pages is not always properly escaped, enabling
- users with the "create book content" permission or the
- permission to edit any node in the book hierarchy to insert
- arbitrary HTML and script code into pages. Such a Cross site
- scripting attack may lead to the attacker gaining administrator
- access. This bug affects Drupal 6.</p>
+ caused to include and execute specifically named files outside
+ of its root directory. This bug affects both Drupal 5 and
+ Drupal 6.</p>
+ <p>The title of book pages is not always properly escaped, enabling
+ users with the "create book content" permission or the
+ permission to edit any node in the book hierarchy to insert
+ arbitrary HTML and script code into pages. Such a Cross site
+ scripting attack may lead to the attacker gaining administrator
+ access. This bug affects Drupal 6.</p>
</blockquote>
</body>
</description>