CVE-2009-4829
Published Apr 27, 2010
Last updated 15 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in the Automated Logout module 6.x-1.x before 6.x-1.7 and 6.x-2.x before 6.x-2.3 for Drupal allows remote authenticated users with administer autologout privileges to inject arbitrary web script or HTML via unspecified vectors.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:N/AC:H/Au:S/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:james_glasgow:autologout:6.x-1.0:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C6F68682-67B5-42F0-BF60-A5A1B43A3702"
},
{
"criteria": "cpe:2.3:a:james_glasgow:autologout:6.x-1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E8D1DDB6-6234-4AD9-9349-76353D2FF57A"
},
{
"criteria": "cpe:2.3:a:james_glasgow:autologout:6.x-1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "94E0F735-DBA1-4E43-9127-3A4134A9935A"
},
{
"criteria": "cpe:2.3:a:james_glasgow:autologout:6.x-1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C537650-EAA6-4C5E-A05C-C51D72384CED"
},
{
"criteria": "cpe:2.3:a:james_glasgow:autologout:6.x-1.x:dev:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72033073-E9E9-4E22-9F5A-05E8C02B8CD6"
},
{
"criteria": "cpe:2.3:a:james_glasgow:autologout:6.x-2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E78EF0F1-7B90-4A5F-93B0-724C37F6C618"
},
{
"criteria": "cpe:2.3:a:james_glasgow:autologout:6.x-2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "219023F5-7C3D-4FA5-A45F-5F46620E1857"
},
{
"criteria": "cpe:2.3:a:john_vandervort:autologout:6.x-1.1:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C8AD83F-B705-464E-8AA1-4C718B492572"
},
{
"criteria": "cpe:2.3:a:john_vandervort:autologout:6.x-1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3CCD4B0A-E336-4216-9E63-E7AB0BFAA780"
},
{
"criteria": "cpe:2.3:a:john_vandervort:autologout:6.x-1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57AA5C63-72F9-4A06-A577-42B864D563C0"
},
{
"criteria": "cpe:2.3:a:john_vandervort:autologout:6.x-1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0431926C-564D-4D3F-8E72-F1F8668342E9"
},
{
"criteria": "cpe:2.3:a:john_vandervort:autologout:6.x-2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4903FCB-4B5B-4C42-B1F4-585C8CBF6E76"
},
{
"criteria": "cpe:2.3:a:john_vandervort:autologout:6.x-2.x:dev:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C76E4310-8443-4963-A612-3A2085ECD375"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "799CA80B-F3FA-4183-A791-2071A7DA1E54"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]