Lucene search

[email protected]CVE-2009-3479

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2009-3479

2022-10-0316:23:56

CWE-79

[email protected]

web.nvd.nist.gov

cve-2009-3479

cross-site scripting

xss

bibliography

biblio

drupal

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.0%

JSON

Cross-site scripting (XSS) vulnerability in Bibliography (Biblio) 5.x before 5.x-1.17 and 6.x before 6.x-1.6, a module for Drupal, allows remote attackers, with “create content displayed by the Bibliography module” permissions, to inject arbitrary web script or HTML via a title.

Affected configurations

NVD

Node

drupaldrupal

AND

ron_jeromebibliographyMatch5.x-1.0

ron_jeromebibliographyMatch5.x-1.1

ron_jeromebibliographyMatch5.x-1.2

ron_jeromebibliographyMatch5.x-1.3

ron_jeromebibliographyMatch5.x-1.4

ron_jeromebibliographyMatch5.x-1.5

ron_jeromebibliographyMatch5.x-1.6

ron_jeromebibliographyMatch5.x-1.7

ron_jeromebibliographyMatch5.x-1.8

ron_jeromebibliographyMatch5.x-1.9

ron_jeromebibliographyMatch5.x-1.10

ron_jeromebibliographyMatch5.x-1.11

ron_jeromebibliographyMatch5.x-1.12

ron_jeromebibliographyMatch5.x-1.13

ron_jeromebibliographyMatch5.x-1.14

ron_jeromebibliographyMatch5.x-1.15

ron_jeromebibliographyMatch5.x-1.16

ron_jeromebibliographyMatch5.x-1.x-dev

ron_jeromebibliographyMatch6.x-1.0

ron_jeromebibliographyMatch6.x-1.0rc1

ron_jeromebibliographyMatch6.x-1.0rc2

ron_jeromebibliographyMatch6.x-1.0rc3

ron_jeromebibliographyMatch6.x-1.0rc4

ron_jeromebibliographyMatch6.x-1.0rc5

ron_jeromebibliographyMatch6.x-1.0-beta1

ron_jeromebibliographyMatch6.x-1.0-beta2

ron_jeromebibliographyMatch6.x-1.0-beta3

ron_jeromebibliographyMatch6.x-1.0-beta4

ron_jeromebibliographyMatch6.x-1.0-beta5

ron_jeromebibliographyMatch6.x-1.0-beta6

ron_jeromebibliographyMatch6.x-1.0-beta7

ron_jeromebibliographyMatch6.x-1.0-beta8

ron_jeromebibliographyMatch6.x-1.0-beta9

ron_jeromebibliographyMatch6.x-1.1

ron_jeromebibliographyMatch6.x-1.2

ron_jeromebibliographyMatch6.x-1.3

ron_jeromebibliographyMatch6.x-1.4

ron_jeromebibliographyMatch6.x-1.5

ron_jeromebibliographyMatch6.x-1.x-dev

CPENameOperatorVersion
drupal:drupaldrupaleq*
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.0
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.1
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.2
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.3
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.4
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.5
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.6
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.7
ron_jerome:bibliographyron jerome bibliographyeq5.x-1.8

CPE	Name	Operator	Version
drupal:drupal	drupal	eq	*
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.0
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.1
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.2
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.3
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.4
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.5
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.6
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.7
ron_jerome:bibliography	ron jerome bibliography	eq	5.x-1.8

Rows per page:

1-10 of 351

References

drupal.org/node/534744

drupal.org/node/534752

drupal.org/node/534842

secunia.com/advisories/36083

www.securityfocus.com/bid/35865

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.0%

JSON

Related for CVE-2009-3479

cvelist2 prion2 nvd2 cve1