Cross-site Scripting Vulnerability in Bibliography Module for Drupal
CVE-2006-4109

Currently unrated

Key Information:

Vendor: Drupal
Status: Bibliography Module
Vendor: CVE Published:; 14 August 2006

What is CVE-2006-4109?

The Bibliography module in Drupal versions prior to specific revisions is vulnerable to a Cross-site Scripting (XSS) flaw. This allows attackers to execute arbitrary web scripts or HTML code through unspecified vectors, potentially compromising the integrity of users' web sessions and exposing sensitive data. Proper sanitization and validation mechanisms should be implemented to prevent such vulnerabilities.

References

http://secunia.com/advisories/21435

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2006/3227

vdb-entryx_refsource_VUPEN

http://drupal.org/node/77756

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 14, 2006
Vulnerability Reserved
Aug 14, 2006