CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2009-1249
https://notcve.org/view.php?id=CVE-2009-1249
Cross-site scripting (XSS) vulnerability in Feed element mapper 5.x before 5.x-1.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via the content title in admin/content/node-type/nodetype/map. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Feed element mapper 5.x versiones anteriores a 5.x-1.1, un módulo para Drupal, permite a atacantes remotos inyectar web script o HTML de su elección a través del contenido del título en admin/content/node-type/nodetype/map. • http://drupal.org/node/414644 http://drupal.org/node/414702 http://secunia.com/advisories/34497 http://www.securityfocus.com/bid/34266 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •