Lucene search
HistoryOct 09, 2009 - 2:30 p.m.
CVE-2009-3648
cve-2009-3648
cross-site scripting
xss vulnerability
service links
drupal
nvd
security
information security
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.2 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.0%
Cross-site scripting (XSS) vulnerability in Service Links 6.x-1.0, a module for Drupal, allows remote authenticated users, with ‘administer content types’ permissions, to inject arbitrary web script or HTML via unspecified vectors when displaying content type names.
Affected configurations
Node
apsivamservice_linksMatch6.x-1.0
drupaldrupal
| CPE | Name | Operator | Version |
|---|---|---|---|
| apsivam:service_links | apsivam service links | eq | 6.x-1.0 |
Related
nessus
nessus
Fedora 11 : drupal-service_links-6.x.1.0-5.fc11 (2009-10466)
2009-10-15 00:00:00
Fedora 10 : drupal-service_links-6.x.1.0-5.fc10 (2009-10445)
2009-10-15 00:00:00
openvas
openvas
Fedora Core 11 FEDORA-2009-10466 (drupal-service_links)
2009-10-19 00:00:00
Fedora Core 11 FEDORA-2009-10466 (drupal-service_links)
2009-10-19 00:00:00
Fedora Core 10 FEDORA-2009-10445 (drupal-service_links)
2009-10-19 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: drupal-service_links-6.x.1.0-5.fc11
2009-10-14 01:52:34
[SECURITY] Fedora 10 Update: drupal-service_links-6.x.1.0-5.fc10
2009-10-14 01:43:52
cvelist
cvelist
CVE-2009-3648
2009-10-09 14:18:00
nvd
nvd
CVE-2009-3648
2009-10-09 14:30:00
prion
prion
Cross site scripting
2009-10-09 14:30:00
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.2 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.0%
Related for CVE-2009-3648