Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2009-4369

Cross-site scripting (XSS) vulnerability in the Contact module (modules/contact/contact.admin.inc or modules/contact/contact.module) in Drupal Core 5.x before 5.21 and 6.x before 6.15 allows remote authenticated users with "administer site-wide contact form" permissions to inject arbitrary web script or HTML via the contact category name.

  • Published: Dec 21, 2009
  • Updated: Apr 13, 2023
  • CVE: CVE-2009-4369
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 3.5
  • AV:N/AC:M/Au:S/C:N/I:P/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
drupal / drupal 5.10 5.10.x
drupal / drupal 5.4 5.4.x
drupal / drupal 6.0-beta2 6.0-beta2.x
drupal / drupal 6.2 6.2.x
drupal / drupal 5.17 5.17.x
drupal / drupal 5.13 5.13.x
drupal / drupal 6.14 6.14.x
drupal / drupal 6.13 6.13.x
drupal / drupal 5.12 5.12.x
drupal / drupal 5.2 5.2.x
drupal / drupal 6.0-beta4 6.0-beta4.x
drupal / drupal 6.12 6.12.x
drupal / drupal 5.7 5.7.x
drupal / drupal 6.0-rc-2 6.0-rc-2.x
drupal / drupal 6.4 6.4.x
drupal / drupal 5.0-rc2 5.0-rc2.x
drupal / drupal 6.11 6.11.x
drupal / drupal 6.0-beta1 6.0-beta1.x
drupal / drupal 5.16 5.16.x
drupal / drupal 6.0-rc-1 6.0-rc-1.x
drupal / drupal 5.0 5.0.x
drupal / drupal 6.0-rc-3 6.0-rc-3.x
drupal / drupal 5.15 5.15.x
drupal / drupal 5.x-dev 5.x-dev.x
drupal / drupal 5.18 5.18.x
drupal / drupal 6.7 6.7.x
drupal / drupal 5.0-rc1 5.0-rc1.x
drupal / drupal 6.8 6.8.x
drupal / drupal 6.1 6.1.x
drupal / drupal 5.6 5.6.x
drupal / drupal 5.0-beta2 5.0-beta2.x
drupal / drupal 5.1 5.1.x
drupal / drupal 6.5 6.5.x
drupal / drupal 5.19 5.19.x
drupal / drupal 5.5 5.5.x
drupal / drupal 6.10 6.10.x
drupal / drupal 6.6 6.6.x
drupal / drupal 6.0 6.0.x
drupal / drupal 5.14 5.14.x
drupal / drupal 5.9 5.9.x
drupal / drupal 6.0-rc-4 6.0-rc-4.x
drupal / drupal 5.8 5.8.x
drupal / drupal 6.0-beta3 6.0-beta3.x
drupal / drupal 6.3 6.3.x
drupal / drupal 5.0-beta1 5.0-beta1.x
drupal / drupal 5.11 5.11.x
drupal / drupal 5.20 5.20.x
drupal / drupal 6.9 6.9.x