ID CVE-2009-4119Type cveReporter cve@mitre.orgModified 2017-08-17T01:31:00
Description
Cross-site scripting (XSS) vulnerability in Feed Element Mapper module 5.x before 5.x-1.3, 6.x before 6.x-1.3, and 6.x-2.0-alpha before 6.x-2.0-alpha4 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
{"id": "CVE-2009-4119", "bulletinFamily": "NVD", "title": "CVE-2009-4119", "description": "Cross-site scripting (XSS) vulnerability in Feed Element Mapper module 5.x before 5.x-1.3, 6.x before 6.x-1.3, and 6.x-2.0-alpha before 6.x-2.0-alpha4 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", "published": "2009-12-01T00:30:00", "modified": "2017-08-17T01:31:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4119", "reporter": "cve@mitre.org", "references": ["http://drupal.org/node/636498", "http://www.securityfocus.com/bid/37060", "http://drupal.org/node/636518", "http://osvdb.org/60288", "https://exchange.xforce.ibmcloud.com/vulnerabilities/54338", "http://secunia.com/advisories/37439", "http://drupal.org/node/636496"], "cvelist": ["CVE-2009-4119"], "type": "cve", "lastseen": "2019-05-29T18:10:01", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "b5dd58c266d8e64f7cef63a2027aff5e"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "85b30d9ad1a0fb872f1c972926f6ff07"}, {"key": "cpe23", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvelist", "hash": "cb577e82e1c19d90d4f11c95e4430bd7"}, {"key": "cvss", "hash": "f74a1c24e49a5ecb0eefb5e51d4caa14"}, {"key": "cvss2", "hash": "25131d66a9f3961140b068f4b41aa42b"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "34e69e045b64924bccf865d56b6918a2"}, {"key": "description", "hash": "563543e3da11e51966cea1ceb1c95642"}, {"key": "href", "hash": "767cc358924d6ecf3dbbeddc633d5565"}, {"key": "modified", "hash": "379d351812b3525b5f6e71572a16d29f"}, {"key": "published", "hash": "052a276566a6e233b8cf07ced0d98ee0"}, {"key": "references", "hash": "68a90a419792f4eccc55c7fd049d6da7"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "26f17a977e94127bcdd5e62f5b3343db"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "0424a63149bd2d2c98ec9566fefe796dc9c4df46dbc9e8940626f6afce6200d3", "viewCount": 0, "enchantments": {"score": {"value": 4.2, "vector": "NONE", "modified": "2019-05-29T18:10:01"}, "dependencies": {"references": [], "modified": "2019-05-29T18:10:01"}, "vulnersScore": 4.2}, "objectVersion": "1.3", "cpe": ["cpe:/a:alex_barth:feed_element_mapper:5.x-1.x-dev", "cpe:/a:alex_barth:feed_element_mapper:6.x-1.x-dev", "cpe:/a:alex_barth:feed_element_mapper:5.x-1.0-beta4", "cpe:/a:alex_barth:feed_element_mapper:5.x-1.0-beta5", "cpe:/a:alex_barth:feed_element_mapper:6.x-1.0-beta11", "cpe:/a:alex_barth:feed_element_mapper:6.x-1.0-beta9", "cpe:/a:alex_barth:feed_element_mapper:6.x-1.0-beta12", "cpe:/a:alex_barth:feed_element_mapper:5.x-1.0-beta3", "cpe:/a:alex_barth:feed_element_mapper:5.x-1.0-beta1", "cpe:/a:alex_barth:feed_element_mapper:6.x-1.0-beta5", "cpe:/a:alex_barth:feed_element_mapper:6.x-1.0-beta1", "cpe:/a:alex_barth:feed_element_mapper:6.x-1.0-beta7", "cpe:/a:alex_barth:feed_element_mapper:5.x-1.1", "cpe:/a:alex_barth:feed_element_mapper:6.x-1.0-beta2", "cpe:/a:alex_barth:feed_element_mapper:6.x-1.0-beta4", "cpe:/a:alex_barth:feed_element_mapper:5.x-1.0-beta7", "cpe:/a:alex_barth:feed_element_mapper:5.x-1.0", "cpe:/a:alex_barth:feed_element_mapper:5.x-1.0-beta6", "cpe:/a:alex_barth:feed_element_mapper:5.x-1.0-beta2", "cpe:/a:alex_barth:feed_element_mapper:6.x-1.0-alpha1", "cpe:/a:alex_barth:feed_element_mapper:6.x-1.0-beta6", "cpe:/a:alex_barth:feed_element_mapper:6.x-1.0-beta3", "cpe:/a:alex_barth:feed_element_mapper:6.x-1.0-beta10"], "affectedSoftware": [{"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "6.x-1.x-dev"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "5.x-1.0"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "6.x-1.0-beta4"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "6.x-1.0-beta6"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "5.x-1.0-beta1"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "6.x-1.0-alpha1"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "6.x-1.0-beta11"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "6.x-1.0-beta3"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "6.x-1.0-beta7"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "5.x-1.1"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "5.x-1.0-beta7"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "6.x-1.0-beta9"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "5.x-1.x-dev"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "6.x-1.0-beta5"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "6.x-1.0-beta1"}, {"name": "alex_barth feed_element_mapper", "operator": "le", "version": "6.x-1.0"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "6.x-1.0-beta12"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "5.x-1.0-beta2"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "5.x-1.0-beta6"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "5.x-1.0-beta3"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "6.x-1.0-beta2"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "5.x-1.0-beta4"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "5.x-1.0-beta5"}, {"name": "alex_barth feed_element_mapper", "operator": "eq", "version": "6.x-1.0-beta10"}, {"name": "alex_barth feed_element_mapper", "operator": "le", "version": "5.x-1.2"}], "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "cpe23": [], "cwe": ["CWE-79"]}
{}
