CVE-2006-4109

Properties

Published:
13.08.2006
Updated:
15.08.2006
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:R/AC:L/Au:NR/C:N/I:P/A:N/B:N)
    Product:
    Drupal: Bibliography Module
    Drupal: Bibliography Module
    Drupal: Bibliography Module

    Vulnerability description

    Cross-site scripting (XSS) vulnerability in Bibliography (biblio.module) 4.6 before revision 1.1.1.1.4.11 and 4.7 before revision 1.13.2.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

    References:

    DRUPAL: http://drupal.org/node/77756
    BID: http://www.securityfocus.com/bid/19441
    FRSIRT: http://www.frsirt.com/english/advisories/2006/3227
    SECUNIA: http://secunia.com/advisories/21435