CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-6229

Cross-site scripting (XSS) vulnerability in the administrative interface in Drupal Content Construction Kit (CCK) 5.x before 5.x-1.10 and 6.x before 6.x-2.0, a module for Drupal, allows remote authenticated users with "administer content" permissions to inject arbitrary web script or HTML via (1) field labels and (2) content-type names.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.5%

CVSS Severity

CVSS v2 Score 3.5

References

Products affected by CVE-2008-6229

Drupal » Content Construction Kit » Version: 5.x-1.0

cpe:2.3:a:drupal:content_construction_kit:5.x-1.0
Drupal » Content Construction Kit » Version: 5.x-1.1

cpe:2.3:a:drupal:content_construction_kit:5.x-1.1
Drupal » Content Construction Kit » Version: 5.x-1.2

cpe:2.3:a:drupal:content_construction_kit:5.x-1.2
Drupal » Content Construction Kit » Version: 5.x-1.3

cpe:2.3:a:drupal:content_construction_kit:5.x-1.3
Drupal » Content Construction Kit » Version: 5.x-1.4

cpe:2.3:a:drupal:content_construction_kit:5.x-1.4
Drupal » Content Construction Kit » Version: 5.x-1.5

cpe:2.3:a:drupal:content_construction_kit:5.x-1.5
Drupal » Content Construction Kit » Version: 5.x-1.6

cpe:2.3:a:drupal:content_construction_kit:5.x-1.6
Drupal » Content Construction Kit » Version: 5.x-1.7

cpe:2.3:a:drupal:content_construction_kit:5.x-1.7
Drupal » Content Construction Kit » Version: 5.x-1.8

cpe:2.3:a:drupal:content_construction_kit:5.x-1.8
Drupal » Content Construction Kit » Version: 5.x-1.9

cpe:2.3:a:drupal:content_construction_kit:5.x-1.9
Drupal » Content Construction Kit » Version: 5.x-1.x-dev

cpe:2.3:a:drupal:content_construction_kit:5.x-1.x-dev
Drupal » Content Construction Kit » Version: 6.x-1.0

cpe:2.3:a:drupal:content_construction_kit:6.x-1.0
Drupal » Content Construction Kit » Version: 6.x-1.x-dev

cpe:2.3:a:drupal:content_construction_kit:6.x-1.x-dev

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-6229

Products

Pricing

Contact Us