Drupal : Security Vulnerabilities, CVEs, Published In April 2009
Cross-site scripting (XSS) vulnerability in the Localization client module 5.x before 5.x-1.2 and 6.x before 6.x-1.7, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via input to the translation functionality.
Max CVSS
4.3
EPSS Score
0.17%
Published
2009-04-20
Updated
2009-04-20
Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.5 and 6.x before 6.x-1.5, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via content titles.
Max CVSS
4.3
EPSS Score
0.17%
Published
2009-04-20
Updated
2009-04-21
Cross-site scripting (XSS) vulnerability in the CCK comment reference module 6.x before 6.x-1.2, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via certain comment titles associated with a node edit form.
Max CVSS
4.3
EPSS Score
0.17%
Published
2009-04-20
Updated
2009-04-20
Cross-site scripting (XSS) vulnerability in Feed element mapper 5.x before 5.x-1.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via the content title in admin/content/node-type/nodetype/map.
Max CVSS
4.3
EPSS Score
0.14%
Published
2009-04-06
Updated
2009-04-07
4 vulnerabilities found