1 results (0.002 seconds)
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2009-4559
https://notcve.org/view.php?id=CVE-2009-4559
04 Jan 2010 — Cross-site scripting (XSS) vulnerability in the Submitted By module 6.x before 6.x-1.3 for Drupal allows remote authenticated users, with "administer content types" privileges, to inject arbitrary web script or HTML via an input string for "submitted by" text. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el módulo "Submitted By" v6.x anterior a v6.x-1.3 para Drupal permite a los usuarios remotos autenticados, con privilegios para "administrar los tipos de contenido", inyectar secuenc... • http://drupal.org/node/520372 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •