CVE-2009-2610

Published Jul 27, 2009

Last updated 16 years ago

CVSS info 3.5

Overview

Description: Cross-site scripting (XSS) vulnerability in the Links Related module in the Links Package 5.x before 5.x-1.13 and 6.x before 6.x-1.2, a module for Drupal, allows remote authenticated users to inject arbitrary web script or HTML via the title field.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 3.5
Impact score: 2.9
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "799CA80B-F3FA-4183-A791-2071A7DA1E54"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:5.x-1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FBF42B60-FF0D-4824-B621-455517E290E9"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:5.x-1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBA4491B-CCBB-4594-931E-CDDC18CB6BA8"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:5.x-1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9156C955-E204-4B54-A7FE-A2CEB7E8363C"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:5.x-1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2BDD602-5B8D-43DA-9EA0-019A8477C016"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:5.x-1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACB8F37E-E322-40C7-A572-05D05AD30DB5"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:5.x-1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E0619C2-2C1E-4D4C-AF2B-93F38A469D1A"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:5.x-1.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91C2CE34-B934-4F7D-ADA8-B662E607B1F5"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:5.x-1.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B99C9DE3-C795-43E8-9D07-14687E6024DB"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:5.x-1.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46D6A00F-BC7F-43BD-8981-D8DE31FF4EE9"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:5.x-1.12-beta1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F2D180A-55CB-4A80-B088-978FB1A71287"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:5.x-1.x-dev:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BFA07466-9279-4E4D-A9FE-3AB7BAFB4F7A"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:6.x-1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FFC93781-BDEA-4C09-AC8A-4324C14BE654"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:6.x-1.0-beta1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D94F3C18-6126-4771-8541-9D1FC9DE2151"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:6.x-1.0-beta2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD38EFCD-1AED-4228-9F1D-104BEB35D51C"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:6.x-1.0-beta3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4E37AA3-E7DE-4D45-A0DD-05A241F28A64"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:6.x-1.0-beta5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8881A192-E440-4985-86EF-BAF1CA1600EB"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:6.x-1.0-beta6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4713EAE-1D3A-490C-BCD3-2509D1327801"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:6.x-1.0-beta7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39DB6A54-7A7C-4EEF-B5EE-FEE792631C52"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:6.x-1.0-beta10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "024529DC-176A-4983-AD5E-37C0C84F89C5"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:6.x-1.0-beta11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A0B0B2D-AB37-42BC-AE76-4A292656772A"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:6.x-1.0-beta12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "011E93C3-F51A-4F77-9936-2213290E8A6C"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:6.x-1.0-beta13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "600A4B66-6A42-4403-A46E-379A251F848F"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:6.x-1.0-beta14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62A349B2-AB84-442D-993B-F54A1F0D07A9"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:6.x-1.0-beta15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E027A703-3F4A-454A-AE14-B800079255D9"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:6.x-1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5CBB8DB1-554F-4984-AF00-04AD5003C545"
          },
          {
            "criteria": "cpe:2.3:a:scott_courtney:links_package:6.x-1.x-dev:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D08C36D-76DF-4BAA-BEB7-B969E6F2EF1B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References