Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2373

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2009-2373
Last Modified 08 Jul 2009 12:00:00
Published 08 Jul 2009 11:30:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-2373

Summary

Cross-site scripting (XSS) vulnerability in the Forum module in Drupal 6.x before 6.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Drupal 5.0

  • Drupal 5.1

  • Drupal 5.1 Rev1.1

  • Drupal 5.10

  • Drupal 5.11

  • Drupal 5.12

  • Drupal 5.13

  • Drupal 5.14

  • Drupal 5.15

  • Drupal 5.16

  • Drupal 5.2

  • Drupal 5.3

  • Drupal 5.4

  • Drupal 5.5

  • Drupal 5.5.

  • Drupal 5.6

  • Drupal 5.7

  • Drupal 5.8

  • Drupal 5.9

  • Drupal 6.0

  • Drupal 6.1

  • Drupal 6.10

  • Drupal 6.11

  • Drupal 6.12

  • Drupal 6.2

  • Drupal 6.3

  • Drupal 6.4

  • Drupal 6.5

  • Drupal 6.6

  • Drupal 6.7

  • Drupal 6.8

  • Drupal 6.9


References

CONFIRM - http://drupal.org/node/507572

SECUNIA - 35681

OSVDB - 55524


Last Updated: 27 May 2016 10:50:52