Unrated severityNVD Advisory· Published Jul 9, 2008· Updated Jun 16, 2026
CVE-2008-3097
CVE-2008-3097
Description
Cross-site scripting (XSS) vulnerability in the Tinytax module (aka Tinytax taxonomy block) 5.x before 5.x-1.10-1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML, probably by creating a crafted taxonomy term.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:drupal:tinytax_taxonomy_block_module:5:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:drupal:tinytax_taxonomy_block_module:5:*:*:*:*:*:*:*
- (no CPE)range: <5.x-1.10-1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.