exploitDog

CVE-2009-3648

Опубликовано: 09 окт. 2009

Источник: nvd

CVSS2: 3.5

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in Service Links 6.x-1.0, a module for Drupal, allows remote authenticated users, with 'administer content types' permissions, to inject arbitrary web script or HTML via unspecified vectors when displaying content type names.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:apsivam:service_links:6.x-1.0:*:*:*:*:*:*:*

cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*

EPSS

Процентиль: 31%

0.00111

Низкий

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

CVE-2009-3648

redhat

больше 15 лет назад

Cross-site scripting (XSS) vulnerability in Service Links 6.x-1.0, a module for Drupal, allows remote authenticated users, with 'administer content types' permissions, to inject arbitrary web script or HTML via unspecified vectors when displaying content type names.

GHSA-jqgm-6w4j-7734

github

около 3 лет назад

Cross-site scripting (XSS) vulnerability in Service Links 6.x-1.0, a module for Drupal, allows remote authenticated users, with 'administer content types' permissions, to inject arbitrary web script or HTML via unspecified vectors when displaying content type names.

EPSS

Процентиль: 31%

0.00111

Низкий

3.5 Low

CVSS2

Дефекты

CWE-79