CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Karen Stevenson: >> Calendar Security Vulnerabilities

CVE-2009-3157

Cross-site scripting (XSS) vulnerability in the Calendar module 6.x before 6.x-2.2 for Drupal allows remote authenticated users, with "create new content types" privileges, to inject arbitrary web script or HTML via the title of a content type.

CVSS Score

3.5

EPSS Score

0.003

Published

2009-09-10

Page 1

Vulnerabilities

Vulnerable Software

Karen Stevenson: >> Calendar Security Vulnerabilities

Products

Pricing

Contact Us