* Advisory ID: DRUPAL-SA-CONTRIB-2009-098 * Project: Zoomify (third-party module) * Version: 5.x, 6.x * Date: 2009-November-4 * Security risk: Moderately Critical * Exploitable from: Remote * Vulnerability: Cross Site Scripting
-------- DESCRIPTION ---------------------------------------------------------
The Zoomify module integrates the Zoomify Flash applet into Drupal which can be used to pan and zoom on large images. Images are first preprocessed in order for Zoomify to work. The module fails to sanitize a value in the node title, leading to a Cross Site Scripting (XSS [1]) vulnerability. -------- VERSIONS AFFECTED ---------------------------------------------------
* Zoomify module for Drupal 6.x prior to Zoomify 6.x-1.4 [2] * Zoomify module for Drupal 5.x prior to Zoomify 5.x-2.2 [3]
Drupal core is not affected. If you do not use the contributed Zoomify module [4], there is nothing you need to do. -------- SOLUTION ------------------------------------------------------------
Upgrade to the latest version: * If you use Zoomify module for Drupal 6.x upgrade to Zoomify 6.x-1.4 [5] * If you use Zoomify module for Drupal 5.x upgrade to Zoomify 5.x-2.2 [6]
-------- REPORTED BY ---------------------------------------------------------
* Reported by Dylan Wilder-Tack [7], the module maintainer
-------- FIXED BY ------------------------------------------------------------
* Fixed by Karim Ratib [8], the module maintainer
-------- CONTACT -------------------------------------------------------------
The security team for Drupal can be reached at security at drupal.org or via the form at http://drupal.org/contact.
[1] http://en.wikipedia.org/wiki/Cross-site_scripting [2] http://drupal.org/node/623434 [3] http://drupal.org/node/623436 [4] http://drupal.org/project/zoomify [5] http://drupal.org/node/623434 [6] http://drupal.org/node/623436 [7] http://drupal.org/user/96647 [8] http://drupal.org/user/48424