- Advisory ID: DRUPAL-SA-2006-015
- Project: Bibliography
- Date: 2006-Aug-08
- Security risk: highly critical
- Exploitable from: remote
- Vulnerability: SQL injection, Cross site scripting
Description
Unescaped input is used directly in queries, allowing malicious users to execute SQL injection attacks. This may result in administrator access.
It is also possible for a malicious user to insert and execute XSS (Cross Site Scripting), due to lack of validation on output. This may lead to administrator access if certain conditions are met. Learn more about XSS on Wikipedia.
Versions affected
Please check the CVS $Id$ fields in the file biblio.module to determine whether the version you are running is vulnerable. Versions older than the following are vulnerable:
- Bibliography for Drupal 4.6 - // $Id: biblio.module,v 1.1.1.1.4.11 2006/08/08 12:51:27 rjerome Exp $
- Bibliography for Drupal 4.7 - // $Id: biblio.module,v 1.13.2.5 2006/08/08 15:12:08 rjerome Exp $
Drupal core is not affected. If you do not use the Bibliography module, there is nothing you need to do.
Solution
Install the latest version:
See also Bibliography's project page.
Reported by
The Drupal security team.
Contact
The security contact for Drupal can be reached at security at drupal.org or using the form at http://drupal.org/contact.
