Lucene search
HistoryJul 08, 2009 - 3:30 p.m.
CVE-2009-2373
cve-2009-2373
cross-site scripting
xss
vulnerability
forum module
drupal 6.x
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.5 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.6%
Cross-site scripting (XSS) vulnerability in the Forum module in Drupal 6.x before 6.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected configurations
Node
drupaldrupalMatch5.0
ORdrupaldrupalMatch5.0beta1
ORdrupaldrupalMatch5.0beta2
ORdrupaldrupalMatch5.0rc1
ORdrupaldrupalMatch5.0rc2
ORdrupaldrupalMatch5.1
ORdrupaldrupalMatch5.1_rev1.1
ORdrupaldrupalMatch5.2
ORdrupaldrupalMatch5.3
ORdrupaldrupalMatch5.4
ORdrupaldrupalMatch5.5
ORdrupaldrupalMatch5.5.
ORdrupaldrupalMatch5.6
ORdrupaldrupalMatch5.7
ORdrupaldrupalMatch5.8
ORdrupaldrupalMatch5.9
ORdrupaldrupalMatch5.10
ORdrupaldrupalMatch5.11
ORdrupaldrupalMatch5.12
ORdrupaldrupalMatch5.13
ORdrupaldrupalMatch5.14
ORdrupaldrupalMatch5.15
ORdrupaldrupalMatch5.16
ORdrupaldrupalMatch6.0
ORdrupaldrupalMatch6.0beta1
ORdrupaldrupalMatch6.0beta2
ORdrupaldrupalMatch6.0beta3
ORdrupaldrupalMatch6.0beta4
ORdrupaldrupalMatch6.0rc-1
ORdrupaldrupalMatch6.0rc-2
ORdrupaldrupalMatch6.0rc-3
ORdrupaldrupalMatch6.0rc-4
ORdrupaldrupalMatch6.1
ORdrupaldrupalMatch6.2
ORdrupaldrupalMatch6.3
ORdrupaldrupalMatch6.4
ORdrupaldrupalMatch6.5
ORdrupaldrupalMatch6.6
ORdrupaldrupalMatch6.7
ORdrupaldrupalMatch6.8
ORdrupaldrupalMatch6.9
ORdrupaldrupalMatch6.10
ORdrupaldrupalMatch6.11
ORdrupaldrupalMatch6.12
Social References
More
Related
cvelist
cvelist
CVE-2009-2373
2009-07-08 15:00:00
ubuntucve
ubuntucve
CVE-2009-2373
2009-07-08 00:00:00
nvd
nvd
CVE-2009-2373
2009-07-08 15:30:01
prion
prion
Cross site scripting
2009-07-08 15:30:00
openvas
openvas
Drupal XSS and Code Injection Vulnerability
2009-07-15 00:00:00
Debian: Security Advisory (DSA-1930-1)
2009-11-11 00:00:00
FreeBSD Ports: drupal5
2009-07-15 00:00:00
freebsd
freebsd
drupal -- multiple vulnerabilities
2009-07-01 00:00:00
nessus
nessus
Debian DSA-1930-1 : drupal6 - several vulnerabilities
2010-02-24 00:00:00
debian
debian
[SECURITY] [DSA 1930-1] New drupal6 packages fix several vulnerabilities
2009-11-07 00:46:57
osv
osv
drupal6 - several vulnerabilities
2009-11-07 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.5 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.6%
Related for CVE-2009-2373