Drupal : QuickTabs XSS

QUICK TABS module for Drupal 6.x and 7.x is vulnerable to a Cross Site Scripting Attack (XSS).


Information At A Glance
Source	Version/Dependency	Developer	Severity
drupal.org/node/1409476	Version: 6.x, 7.x	Quick Tabs Page	Moderately Critical
*Summary:* The following versions of the QUICK TABS module for Drupal 6.x and 7.x is vulnerable to a Cross Site Scripting Attack (XSS). Quicktabs 6.x-2.x versions prior to 6.x-2.1. Quicktabs 6.x-3.x versions prior to 6.x-3.1. Quicktabs 7.x-3.x versions prior to 7.x-3.3. *Fix:* Update to according to the following to the latest versions For Quicktabs 2.x module for Drupal 6.x, upgrade to Quicktabs 6.x-2.1 For Quicktabs 3.x module for Drupal 6.x, upgrade to Quicktabs 6.x-3.1 For Quicktabs 3.x module for Drupal 7.x, upgrade to Quicktabs 7.x-3.3 *Source:* http://drupal.org/node/1409476 Reported by: Owen Barton of the Drupal Security Team and Michael Smith

Disclaimer: Salvus Alerting provides timely industry related information to customers within its subscriber community for informational purposes only and makes every effort to distribute accurate and reliable information. Salvus Alerting disclaims all warranties with regard to the information and/or the services being provided, including all implied warranties of merchantability and fitness. In no event shall Salvus Alerting be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other legal action, arising out of or in connection with the use or performance of this information and/or the services being provided. Use of this information is covered under the subscriber terms and conditions agreement. Salvus Systems and Salvus Alerting is a wholly owned and operated by FactNgN, LLC. SalvusAlerting is not responsible for content on advertisers sites.

Drupal : QuickTabs XSS

Information At A Glance