4.3
CVE-2006-4109
- EPSS 1.13%
- Veröffentlicht 14.08.2006 20:04:00
- Zuletzt bearbeitet 16.06.2026 22:28:26
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site scripting (XSS) vulnerability in Bibliography (biblio.module) 4.6 before revision 1.1.1.1.4.11 and 4.7 before revision 1.13.2.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Drupal ≫ Bibliography Module Version <= 4.5
Drupal ≫ Bibliography Module Version <= 4.6_rev1.1.1.1.4.10
Drupal ≫ Bibliography Module Version <= 4.7_rev1.13.2.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.13% | 0.621 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://drupal.org/node/77756
http://secunia.com/advisories/21435
http://www.securityfocus.com/bid/19441
http://www.vupen.com/english/advisories/2006/3227
https://exchange.xforce.ibmcloud.com/vulnerabilities/28295