ports/153474: [VuXML] security/vuxml: document XSS in www/drupal6-views
Eygene Ryabinkin
rea at FreeBSD.org
Mon Dec 27 21:30:12 UTC 2010
>Number: 153474
>Category: ports
>Synopsis: [VuXML] security/vuxml: document XSS in www/drupal6-views
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Dec 27 21:30:11 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Eygene Ryabinkin
>Release: FreeBSD 9.0-CURRENT amd64
>Organization:
Code Labs
>Environment:
System: FreeBSD 9.0-CURRENT amd64
>Description:
A cross-site scripting vulnerability was found in the Drupal 6.x Views
plugin: [1].
>How-To-Repeat:
[1] http://drupal.org/node/999380
>Fix:
The following VuXML entry should be evaluated and added:
--- vuln.xml begins here ---
<vuln vid="ff8b419a-0ffa-11e0-becc-0022156e8794">
<topic>Drupal Views plugin -- cross-site scripting</topic>
<affects>
<package>
<name>drupal6-views</name>
<range><lt>2.12</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Drupal security team reports:</p>
<blockquote
cite="http://drupal.org/node/999380">
<p>The Views module provides a flexible method for Drupal site
designers to control how lists and tables of content are
presented. Under certain circumstances, Views could display
parts of the page path without escaping, resulting in a
reflected Cross Site Scripting (XSS) vulnerability. An attacker
could exploit this to gain full administrative access.</p>
<p>Mitigating factors: This vulnerability only occurs with a
specific combination of configuration options for a specific
View, but this combination is used in the default Views
provided by some additional modules. A malicious user would
need to get an authenticated administrative user to visit a
specially crafted URL.</p>
</blockquote>
</body>
</description>
<references>
<cvename>CVE-2010-4521</cvename>
<url>http://drupal.org/node/999380</url>
</references>
<dates>
<discovery>2010-12-15</discovery>
<entry>TODAY</entry>
</dates>
</vuln>
--- vuln.xml ends here ---
Port upgrade to 2.12 is on the go (I am the maintainer).
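As an added illustration (not part of this PR or of the VuXML tooling), the following script shows how an auditor would evaluate the entry above against an installed package version: it parses the `<package>`/`<range>` block and applies the `lt`/`le`/`gt`/`ge`/`eq` bounds. The entry is embedded verbatim as constructed input (description omitted for brevity); the version ordering is a simplified stand-in for pkg_version(8), and a real vuln.xml carries the `http://www.freebsd.org/xml/vuxml` default namespace, which would have to be added to the tag names when parsing the full file.

```python
import re
import xml.etree.ElementTree as ET

# Constructed input: the entry from this PR, minus the <description> body.
VULN_XML = """<vuln vid="ff8b419a-0ffa-11e0-becc-0022156e8794">
<topic>Drupal Views plugin -- cross-site scripting</topic>
<affects>
<package>
<name>drupal6-views</name>
<range><lt>2.12</lt></range>
</package>
</affects>
<references>
<cvename>CVE-2010-4521</cvename>
<url>http://drupal.org/node/999380</url>
</references>
</vuln>"""


def version_key(ver):
    # Split "2.11_1,1" into [2, 11, 1, 1]; numeric parts compare as ints.
    # Simplification: does not model every pkg_version(8) rule (e.g. "pl").
    return [int(p) if p.isdigit() else p for p in re.split(r"[._,]", ver)]


def in_range(version, rng):
    # A <range> matches only if every bound inside it holds.
    k = version_key(version)
    ok = True
    for bound in rng:
        v = version_key(bound.text.strip())
        if bound.tag == "lt":
            ok = ok and k < v
        elif bound.tag == "le":
            ok = ok and k <= v
        elif bound.tag == "gt":
            ok = ok and k > v
        elif bound.tag == "ge":
            ok = ok and k >= v
        elif bound.tag == "eq":
            ok = ok and k == v
    return ok


def affected(vuln_xml, pkgname, version):
    # Return (vid, topic, [CVEs]) for each <package> whose name matches and
    # whose ranges include the given version; empty list if not affected.
    root = ET.fromstring(vuln_xml)
    hits = []
    for pkg in root.iter("package"):
        if pkgname not in [n.text for n in pkg.findall("name")]:
            continue
        if any(in_range(version, r) for r in pkg.findall("range")):
            hits.append((root.get("vid"), root.findtext("topic"),
                         [c.text for c in root.iter("cvename")]))
    return hits
```

Running `affected(VULN_XML, "drupal6-views", "2.11")` reports the entry, while `2.12` (the fixed version) does not match.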
>Release-Note:
>Audit-Trail:
>Unformatted: