* Advisory ID: DRUPAL-SA-2006-010
* Project: webform
* Date: 2006-Jul-09
* Security risk: critical
* Impact: webform
* Exploitable from: remote
* Vulnerability: multiple cross-site scripting
Подробности: http://drupal.org/node/72846
Комментарии
Главное в уязвимости вот это:
"Drupal core is not affected. If you do not use the webform module, there is nothing you need to do."