Exploitation Summary
EIP tracks 1 public exploit for CVE-2002-1806. PoCs published by [email protected].
AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in Drupal where malicious HTML code in news posts is not sufficiently filtered, allowing arbitrary script execution in a user's browser. The example demonstrates a simple XSS payload using an IMG tag with a JavaScript SRC attribute.
Description
Cross-site scripting (XSS) vulnerability in Drupal 4.0.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag.
Exploits (1)
The provided text describes a cross-site scripting (XSS) vulnerability in Drupal where malicious HTML code in news posts is not sufficiently filtered, allowing arbitrary script execution in a user's browser. The example demonstrates a simple XSS payload using an IMG tag with a JavaScript SRC attribute.