CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2009-3780
https://notcve.org/view.php?id=CVE-2009-3780
Cross-site scripting (XSS) vulnerability in Abuse 5.x before 5.x-2.1 and 6.x before 6.x-1.1-alpha1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Abuse v5.x anteriores a v5.x-2.1 y v6.x anteriores a v6.x-1.1-alpha1, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de véctores no especificados. • http://drupal.org/node/610784 http://drupal.org/node/610900 http://drupal.org/node/611078 http://secunia.com/advisories/37129 http://www.securityfocus.com/bid/36791 https://exchange.xforce.ibmcloud.com/vulnerabilities/53898 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •