Description

Cross-site scripting (XSS) vulnerability in the Forum module in Drupal 6.x before 6.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2009-2373

Related Vulnerabilities

Magento Cryptographic Issues Vulnerability (CVE-2019-7886)

WordPress Plugin NextScripts:Social Networks Auto-Poster Cross-Site Request Forgery (4.3.24)

Internet Information Services Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-2815)

MySQL CVE-2020-2770 Vulnerability (CVE-2020-2770)

WordPress Plugin Starter Templates-Elementor, WordPress & Beaver Builder Templates Cross-Site Request Forgery (3.1.20)

Severity

Medium

Classification

CVE-2009-2373 CWE-707

Tags

Missing Update Known Vulnerabilities