Lucene search
MitreCVELIST:CVE-2009-1844HistoryJun 01, 2009 - 2:00 p.m.
CVE-2009-1844
2009-06-0114:00:00
mitre
www.cve.org
7
Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x before 5.18 and 6.x before 6.12 allow (1) remote authenticated users to inject arbitrary web script or HTML via crafted UTF-8 byte sequences that are treated as UTF-7 by Internet Explorer 6 and 7, which are not properly handled in the “HTML exports of books” feature; and (2) allow remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML via the help text of an arbitrary vocabulary. NOTE: vector 1 exists because of an incomplete fix for CVE-2009-1575.
Related
cve
cve
ubuntucve
ubuntucve
CVE-2009-1844
2009-06-01 00:00:00
CVE-2009-1575
2009-05-06 00:00:00
prion
prion
Cross site scripting
2009-06-01 14:30:00
Cross site scripting
2009-05-06 17:30:00
Cross site scripting
2009-05-29 16:30:00
nvd
nvd
openvas
openvas
Debian Security Advisory DSA 1808-1 (drupal6)
2009-06-05 00:00:00
Debian: Security Advisory (DSA-1808-1)
2009-06-05 00:00:00
Debian Security Advisory DSA 1792-1 (drupal6)
2009-05-11 00:00:00
cvelist
cvelist
CVE-2009-1575
2009-05-06 17:00:00
CVE-2009-1823
2009-05-29 16:24:00
nessus
nessus
Debian DSA-1792-1 : drupal6 - multiple vulnerabilities
2009-05-08 00:00:00
Fedora 9 : drupal-6.11-1.fc9 (2009-4203)
2009-05-04 00:00:00
Fedora 10 : drupal-6.11-1.fc10 (2009-4175)
2009-05-04 00:00:00
freebsd
freebsd
drupal -- cross site scripting
2009-04-30 00:00:00
osv
osv
drupal6 - multiple vulnerabilities
2009-05-06 00:00:00