Cross-Site Scripting Vulnerability in EveryBlog for Drupal by EveryBlog
CVE-2008-6135

Currently unrated

Key Information:

Vendor: Drupal
Status: Everyblog
Vendor: CVE Published:; 14 February 2009

What is CVE-2008-6135?

The vulnerability in EveryBlog versions 5.x and 6.x enables remote attackers to exploit cross-site scripting (XSS) flaws, allowing them to inject arbitrary web scripts or HTML. This poses a significant risk to users, as malicious scripts may be executed within the context of the user's browser, potentially leading to unauthorized actions or data exposure.

References

http://www.securityfocus.com/bid/31656

vdb-entryx_refsource_BID

http://secunia.com/advisories/32194

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/45757

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 14, 2009
Vulnerability Reserved
Feb 13, 2009