Unrated severityNVD Advisory· Published Mar 4, 2008· Updated Jun 16, 2026
CVE-2008-1133
CVE-2008-1133
Description
The Drupal.checkPlain function in Drupal 6.0 only escapes the first instance of a character in ECMAScript, which allows remote attackers to conduct cross-site scripting (XSS) attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- drupal.org/node/227608nvdPatchVendor Advisory
- www.securityfocus.com/bid/28026nvdPatchThird Party AdvisoryVDB Entry
- secunia.com/advisories/29118nvdThird Party Advisory
News mentions
0No linked articles in our index yet.