http://www.madirish.net en http://www.madirish.net/554 A cross site scripting (XSS), or arbitrary script injection, vulnerability exists in TinyMCE due to the fact that the bbcode plugin violates the explicit security policy of TinyMCE. If the bbcode plugin is enabled, but encoding is enabled using the "encoding" directive, or sanitizing is enabled using the "valid_elements" attribute, these mechanisms fail to function as expected. http://www.madirish.net/553 An overview of cross site scripting (XSS) prevention functions provided in the PHP language, including discussion of suitable uses and guidance for approach to untrusted user input sanitizing. Arbitrary script injection flaws are widespread and pernicious among web applications. Understanding and appropriately utilizing built in language controls to prevent XSS is critical in removing this class of vulnerability from your web application. http://www.madirish.net/552 Drupal Ctools prior to 6.x-1.10 contains an XSS vulnerability http://www.madirish.net/551 The Drupal OM Maximenu module, prior to versions 6.x-1.44 and 7.x-1.44, contains suffers from a number of vulnerabilities, including several arbitrary script injection (XSS) flaws. The module also gives users with permission to "Administer OM Maximenu" the ability to execute arbitrary PHP with no indication of the power of this privilege. This could allow attackers who gain access to accounts with this permission to compromise the host web server, attack other users, and more. http://www.madirish.net/550 The Drupal Inf08 theme, prior to versions 6.x-1.10, contains a XSS vulnerability due to the fact that it fails to properly sanitize taxonomy terms before display. This could allow attackers who have the ability to create taxonomy terms to perform arbitrary script injection attacks via persistent cross site scripting. http://www.madirish.net/549 Using idle scanning can reveal sensitive configuration information about targets via a side channel. Not only can this type of scan show services that might otherwise be invisible, it is also completely passive. This means that the target of the scan will never observe traffic from the actual source of the scans. Only the idle host will be aware of any contact with the scanning machine. This can allow attackers to perform reconnaissance to either perform a completely hidden scan, for instance by using an idle zombie in a third party organization making it extremely difficult to trace the origin of the scan, or to map trust relationships in an organization by using a zombie target within the target organization.