Lucene search
HistoryDec 31, 2009 - 7:30 p.m.
CVE-2009-4532
cve-2009-4532
xss
vulnerability
drupal
webform module
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
44.5%
Cross-site scripting (XSS) vulnerability in the Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, allows remote authenticated users, with webform creation privileges, to inject arbitrary web script or HTML via a field label.
Affected configurations
Node
nathan_haugwebformRange≤5.x-2.7
ORnathan_haugwebformRange≤6.x-2.7
ORnathan_haugwebformMatch5.x-1.2
ORnathan_haugwebformMatch5.x-1.3
ORnathan_haugwebformMatch5.x-1.4
ORnathan_haugwebformMatch5.x-1.5
ORnathan_haugwebformMatch5.x-1.6
ORnathan_haugwebformMatch5.x-1.7
ORnathan_haugwebformMatch5.x-1.8
ORnathan_haugwebformMatch5.x-1.9
ORnathan_haugwebformMatch5.x-1.10
ORnathan_haugwebformMatch5.x-1.x-dev
ORnathan_haugwebformMatch5.x-2.0
ORnathan_haugwebformMatch5.x-2.0-beta0
ORnathan_haugwebformMatch5.x-2.0-beta1
ORnathan_haugwebformMatch5.x-2.0-beta2
ORnathan_haugwebformMatch5.x-2.0-beta3
ORnathan_haugwebformMatch5.x-2.1
ORnathan_haugwebformMatch5.x-2.1.1
ORnathan_haugwebformMatch5.x-2.1.2
ORnathan_haugwebformMatch5.x-2.1.3
ORnathan_haugwebformMatch5.x-2.2
ORnathan_haugwebformMatch5.x-2.3
ORnathan_haugwebformMatch5.x-2.4
ORnathan_haugwebformMatch5.x-2.5
ORnathan_haugwebformMatch5.x-2.6
ORnathan_haugwebformMatch5.x-2.x-dev
ORnathan_haugwebformMatch6.x-2.0-beta1
ORnathan_haugwebformMatch6.x-2.0-beta2
ORnathan_haugwebformMatch6.x-2.0-beta3
ORnathan_haugwebformMatch6.x-2.0-beta4
ORnathan_haugwebformMatch6.x-2.0-beta5
ORnathan_haugwebformMatch6.x-2.0-beta6
ORnathan_haugwebformMatch6.x-2.1
ORnathan_haugwebformMatch6.x-2.1-1
ORnathan_haugwebformMatch6.x-2.1.2
ORnathan_haugwebformMatch6.x-2.1.3
ORnathan_haugwebformMatch6.x-2.2
ORnathan_haugwebformMatch6.x-2.3
ORnathan_haugwebformMatch6.x-2.4
ORnathan_haugwebformMatch6.x-2.5
ORnathan_haugwebformMatch6.x-2.6
ORnathan_haugwebformMatch6.x-2.x-dev
drupaldrupal
Related
nvd
nvd
CVE-2009-4532
2009-12-31 19:30:00
prion
prion
Cross site scripting
2009-12-31 19:30:00
cvelist
cvelist
CVE-2009-4532
2009-12-31 19:00:00
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
44.5%
Related for CVE-2009-4532