CVE-2009-4525 - Vulnerability Details

Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.9 and 6.x before 6.x-1.9, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via crafted data in a list of links.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Drupal	Drupal
Joao Ventura	Print

Configuration 1 [-]

AND

OR	cpe:2.3:a:joao_ventura:print:5.x-4.0:::::::*
	cpe:2.3:a:joao_ventura:print:5.x-4.1:::::::*
	cpe:2.3:a:joao_ventura:print:5.x-4.2:::::::*
	cpe:2.3:a:joao_ventura:print:5.x-4.3:::::::*
	cpe:2.3:a:joao_ventura:print:5.x-4.4:::::::*
	cpe:2.3:a:joao_ventura:print:5.x-4.5:::::::*
	cpe:2.3:a:joao_ventura:print:5.x-4.6:::::::*
	cpe:2.3:a:joao_ventura:print:5.x-4.7:::::::*
	cpe:2.3:a:joao_ventura:print:5.x-4.8:::::::*
	cpe:2.3:a:joao_ventura:print:5.x-4.x:dev::::::
	cpe:2.3:a:joao_ventura:print:6.x-1.0:::::::*
	cpe:2.3:a:joao_ventura:print:6.x-1.0:rc1::::::
	cpe:2.3:a:joao_ventura:print:6.x-1.0:rc2::::::
	cpe:2.3:a:joao_ventura:print:6.x-1.0:rc3::::::
	cpe:2.3:a:joao_ventura:print:6.x-1.0:rc4::::::
	cpe:2.3:a:joao_ventura:print:6.x-1.0:rc5::::::
	cpe:2.3:a:joao_ventura:print:6.x-1.0:rc8::::::
	cpe:2.3:a:joao_ventura:print:6.x-1.0:rc9::::::
	cpe:2.3:a:joao_ventura:print:6.x-1.1:::::::*
	cpe:2.3:a:joao_ventura:print:6.x-1.2:::::::*
	cpe:2.3:a:joao_ventura:print:6.x-1.3:::::::*
	cpe:2.3:a:joao_ventura:print:6.x-1.4:::::::*
	cpe:2.3:a:joao_ventura:print:6.x-1.5:::::::*
	cpe:2.3:a:joao_ventura:print:6.x-1.6:::::::*
	cpe:2.3:a:joao_ventura:print:6.x-1.7:::::::*
	cpe:2.3:a:joao_ventura:print:6.x-1.x:dev::::::

cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://drupal.org/node/604804
http://drupal.org/node/604806
http://drupal.org/node/604808
http://osvdb.org/58952
http://secunia.com/advisories/37059
http://www.securityfocus.com/bid/36707
http://www.vupen.com/english/advisories/2009/2922
https://exchange.xforce.ibmcloud.com/vulnerabilities/53789

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-12-31T19:00:00

Updated: 2024-08-07T07:08:38.277Z

Reserved: 2009-12-31T00:00:00

Link: CVE-2009-4525

Vulnrichment

No data.

NVD

Status : Modified

Published: 2009-12-31T19:30:00.530

Modified: 2024-11-21T01:09:50.233

Link: CVE-2009-4525

Redhat

No data.

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object