Drupal: >> News Page >> 5.x-1.x Security Vulnerabilities
SQL injection vulnerability in the News Page module 5.x before 5.x-1.2 for Drupal allows remote authenticated users, with News Page nodes create and edit privileges, to execute arbitrary SQL commands via the Include Words (aka keywords) field.
CVSS Score
6.5
EPSS Score
0.006
Published
2009-05-01