CVE-2008-6170

🗓️ 19 Feb 2009 15:02:00Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 65 Views

Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and 6.x before 6.6 allows remote authenticated users to inject arbitrary web script or HTML via the book page title

Reporter	Title	Published	Views	Family All 12
FreeBSD	drupal -- multiple vulnerabilities	22 Oct 200800:00	–	freebsd
Cvelist	CVE-2008-6170	19 Feb 200915:02	–	cvelist
EUVD	EUVD-2008-6140	7 Oct 202500:30	–	euvd
Tenable Nessus	Fedora 8 : drupal-5.12-1.fc8 (2008-9170)	27 Oct 200800:00	–	nessus
Tenable Nessus	Fedora 9 : drupal-6.6-1.fc9 (2008-9213)	31 Oct 200800:00	–	nessus
Tenable Nessus	FreeBSD : drupal -- multiple vulnerabilities (706c9eef-a077-11dd-b413-001372fd0af2)	24 Oct 200800:00	–	nessus
NVD	CVE-2008-6170	19 Feb 200915:30	–	nvd
OpenVAS	FreeBSD Ports: drupal5	1 Nov 200800:00	–	openvas
OpenVAS	FreeBSD Ports: drupal5	1 Nov 200800:00	–	openvas
Prion	Cross site scripting	19 Feb 200915:30	–	prion

NVD

Node

drupal drupalMatch5.0

drupal drupalMatch5.1

drupal drupalMatch5.2

drupal drupalMatch5.3

drupal drupalMatch5.4

drupal drupalMatch5.5

drupal drupalMatch5.6

drupal drupalMatch5.7

drupal drupalMatch5.8

drupal drupalMatch5.9

drupal drupalMatch5.10

drupal drupalMatch5.11

drupal drupalMatch6.0

drupal drupalMatch6.1

drupal drupalMatch6.2

drupal drupalMatch6.3

drupal drupalMatch6.4

drupal drupalMatch6.5

Source	Link
securityfocus	www.securityfocus.com/bid/31882
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/46052
vupen	www.vupen.com/english/advisories/2008/2913
redhat	www.redhat.com/archives/fedora-package-announce/2008-October/msg00783.html
secunia	www.secunia.com/advisories/32297
secunia	www.secunia.com/advisories/32441
redhat	www.redhat.com/archives/fedora-package-announce/2008-October/msg00826.html
drupal	www.drupal.org/node/324824

23 Apr 2026 00:35Current

5.3Medium risk

Vulners AI Score5.3

CVSS 23.5

EPSS0.00244

CWE-79