Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the Internationalization module 6.x before 6.x-1.4 for Drupal allow remote authenticated users, with translate interface or administer blocks privileges, to inject arbitrary web script or HTML via (1) strings used in block translation or (2) the untranslated input.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Reyero | I18N | 6.x-1.0 |
| Drupal | Drupal | All versions |
Related Weaknesses (CWE)
References
- http://drupal.org/node/764906Patch
- http://drupal.org/node/764998PatchVendor Advisory
- http://osvdb.org/63589
- http://secunia.com/advisories/39361Vendor Advisory
- http://www.securityfocus.com/bid/39304Patch
- http://drupal.org/node/764906Patch
- http://drupal.org/node/764998PatchVendor Advisory
- http://osvdb.org/63589
- http://secunia.com/advisories/39361Vendor Advisory
- http://www.securityfocus.com/bid/39304Patch
FAQ
What is CVE-2010-1530?
CVE-2010-1530 is a vulnerability with a CVSS score of 2.1 (LOW). Multiple cross-site scripting (XSS) vulnerabilities in the Internationalization module 6.x before 6.x-1.4 for Drupal allow remote authenticated users, with translate interface or administer blocks pri...
How severe is CVE-2010-1530?
CVE-2010-1530 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-1530?
Check the references section above for vendor advisories and patch information. Affected products include: Reyero I18N, Drupal Drupal.