Drupal Security Team reports:
When outputting user-supplied data Drupal strips potentially dangerous HTML attributes and tags or escapes characters which have a special meaning in HTML. This output filtering secures the site against cross site scripting attacks via user input.
Certain byte sequences that are valid in the UTF-8 specification are potentially dangerous when interpreted as UTF-7. Internet Explorer 6 and 7 may decode these characters as UTF-7 if they appear before the meta http-equiv="Content-Type" tag that specifies the page content as UTF-8, despite the fact that Drupal also sends a real HTTP header specifying the content as UTF-8. This behaviour enables malicious users to insert and execute Javascript in the context of the website if site visitors are allowed to post content.
In addition, Drupal core also has a very limited information disclosure vulnerability under very specific conditions. If a user is tricked into visiting the site via a specially crafted URL and then submits a form (such as the search box) from that page, the information in their form submission may be directed to a third-party site determined by the URL and thus disclosed to the third party. The third party site may then execute a CSRF attack against the submitted form.
Disclaimer: The data contained on this page is derived from the VuXML document, please refer to the the original document for copyright information. The author of portaudit makes no claim of authorship or ownership of any of the information contained herein.
If you have found a vulnerability in a FreeBSD port not listed in the database, please contact the FreeBSD Security Team. Refer to "FreeBSD Security Information" for more information.