systemtek.co.uk
Drupal Core – Cross Site Scripting
Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) vulnerability. D
Duncan
