CVE-2009-1738

Metadata

CVE-2009-1738
3.5
drupal.org, drupal.org, securityfocus.com, vupen.com, exchange.xforce.ibmcloud.com
2009-05-20
2017-08-17 06:09

Description

Cross-site scripting (XSS) vulnerability in Feed Block 6.x-1.x before 6.x-1.1, a module for Drupal, allows remote authenticated users with administrator feed permissions to inject arbitrary web script or HTML via unspecified vectors in "aggregator items."

Related Vulnerabilities