Lucene search

[email protected]NVD:CVE-2009-5096

HistorySep 13, 2011 - 7:59 p.m.

CVE-2009-5096

2011-09-1319:59:24

CWE-79

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.2%

JSON

Cross-site scripting (XSS) vulnerability in the Flag Content module 5.x-2.x before 5.x-2.10 for Drupal allows remote attackers to inject arbitrary web script or HTML via the Reason parameter.

Affected configurations

NVD

Node

khalid_baheyeldinflag_contentMatch5.x-2.0

khalid_baheyeldinflag_contentMatch5.x-2.1

khalid_baheyeldinflag_contentMatch5.x-2.2

khalid_baheyeldinflag_contentMatch5.x-2.4

khalid_baheyeldinflag_contentMatch5.x-2.5

khalid_baheyeldinflag_contentMatch5.x-2.6

khalid_baheyeldinflag_contentMatch5.x-2.7

khalid_baheyeldinflag_contentMatch5.x-2.8

khalid_baheyeldinflag_contentMatch5.x-2.9

khalid_baheyeldinflag_contentMatch5.x-2.x-dev

AND

drupaldrupal

References

drupal.org/node/610868

drupal.org/node/610870

osvdb.org/59119

secunia.com/advisories/37124

www.securityfocus.com/bid/36785

www.vupen.com/english/advisories/2009/2999

exchange.xforce.ibmcloud.com/vulnerabilities/53900

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.2%

JSON

Related for NVD:CVE-2009-5096

cve1 cvelist1 prion1