Lucene search

K

MitreCVELIST:CVE-2009-1575

HistoryMay 06, 2009 - 5:00 p.m.

CVE-2009-1575

2009-05-0617:00:00

mitre

www.cve.org

2

AI Score

5.4

Confidence

High

EPSS

0.003

Percentile

71.6%

Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.17 and 6.x before 6.11, as used in vbDrupal before 5.17.0, allows remote attackers to inject arbitrary web script or HTML via crafted UTF-8 byte sequences before the Content-Type meta tag, which are treated as UTF-7 by Internet Explorer 6 and 7.

References

drupal.org/node/449078

secunia.com/advisories/34948

secunia.com/advisories/34950

secunia.com/advisories/34980

www.debian.org/security/2009/dsa-1792

www.osvdb.org/54152

www.vbdrupal.org/forum/showthread.php?p=9953#post9953

www.vupen.com/english/advisories/2009/1216

exchange.xforce.ibmcloud.com/vulnerabilities/50250

www.redhat.com/archives/fedora-package-announce/2009-May/msg00108.html

www.redhat.com/archives/fedora-package-announce/2009-May/msg00133.html

AI Score

5.4

Confidence

High

EPSS

0.003

Percentile

71.6%

Related for CVELIST:CVE-2009-1575

prion3 ubuntucve2 cve3 nvd3 openvas6 cvelist2 nessus4 freebsd1 osv1