CVE-2009-4602

https://notcve.org/view.php?id=CVE-2009-4602

Cross-site scripting (XSS) vulnerability in the Randomizer module 5.x through 5.x-1.0 and 6.x through 6.x-1.0, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el modulo Randomizer v5.x-1.0 y v6.x hasta v6.x-1.0, un modulo de Drupal, permite a atacantes remotos inyectar secuencias arbitrarias de comandos web o HTML a través de vectores desconocidos. • http://drupal.org/node/655668 http://www.securityfocus.com/bid/37274 http://www.vupen.com/english/advisories/2009/3476 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •