CVE-2008-3500
Description
Cross-site scripting (XSS) vulnerability in the Suggested Terms module 5.x before 5.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via crafted Taxonomy terms.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cross-site scripting vulnerability in Drupal Suggested Terms module allows authenticated users to inject arbitrary script via crafted taxonomy terms.
Vulnerability
The Suggested Terms module for Drupal 5.x before version 5.x-1.2 does not properly sanitize taxonomy terms presented in the clickable list, leading to a cross-site scripting vulnerability. Users with the ability to create new taxonomy terms can inject arbitrary script code and HTML. Affected versions are all 5.x releases prior to 5.x-1.2 [1].
Exploitation
An attacker must be an authenticated Drupal user with permission to create taxonomy terms. The attacker crafts a term containing malicious script. When the term is displayed in the suggested terms list on edit pages, the script executes in the context of the victim's browser. The vulnerability is exploited remotely without requiring special network position beyond normal web access [1].
Impact
Successful exploitation allows the attacker to inject arbitrary web script or HTML, potentially leading to administrator access if the victim is an administrator viewing the crafted term. The impact is information disclosure and elevation of privileges [1].
Mitigation
The fixed version is 5.x-1.2, released on June 25, 2008. Users of the Suggested Terms module should upgrade immediately. Drupal core is not affected [1].
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- cpe:2.3:a:drupal:suggested_terms_module:5:*:*:*:*:*:*:*
- Range: <5.x-1.2
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.