First published: Mon Apr 20 2009(Updated: )
Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.5 and 6.x before 6.x-1.5, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via content titles.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Drupal | ||
Drupal Print Module | =5.x | |
Drupal Print Module | =5.x-1.0 | |
Drupal Print Module | =5.x-1.1 | |
Drupal Print Module | =5.x-1.2 | |
Drupal Print Module | =5.x-1.x-dev | |
Drupal Print Module | =5.x-2.1 | |
Drupal Print Module | =5.x-2.2 | |
Drupal Print Module | =5.x-2.x-dev | |
Drupal Print Module | =5.x-3.0 | |
Drupal Print Module | =5.x-3.1 | |
Drupal Print Module | =5.x-3.2 | |
Drupal Print Module | =5.x-3.3 | |
Drupal Print Module | =5.x-3.4 | |
Drupal Print Module | =5.x-3.5 | |
Drupal Print Module | =5.x-3.6 | |
Drupal Print Module | =5.x-3.7 | |
Drupal Print Module | =5.x-4.0 | |
Drupal Print Module | =5.x-4.1 | |
Drupal Print Module | =5.x-4.2 | |
Drupal Print Module | =5.x-4.3 | |
Drupal Print Module | =5.x-4.4 | |
Drupal Print Module | =5.x-4.x-dev | |
Drupal Print Module | =6.x-1.0 | |
Drupal Print Module | =6.x-1.0-rc3 | |
Drupal Print Module | =6.x-1.0-rc4 | |
Drupal Print Module | =6.x-1.0-rc5 | |
Drupal Print Module | =6.x-1.0-rc8 | |
Drupal Print Module | =6.x-1.0-rc9 | |
Drupal Print Module | =6.x-1.1 | |
Drupal Print Module | =6.x-1.2 | |
Drupal Print Module | =6.x-1.3 | |
Drupal Print Module | =6.x-1.4 | |
Drupal Print Module | =6.x-1.x-dev |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2009-1343 has a high severity rating due to its potential for cross-site scripting attacks allowing the injection of arbitrary web scripts.
To fix CVE-2009-1343, you should upgrade to Drupal Print module version 5.x-4.5 or 6.x-1.5 or later.
CVE-2009-1343 affects Drupal Print module versions prior to 5.x-4.5 and 6.x-1.5.
CVE-2009-1343 can be exploited to launch cross-site scripting (XSS) attacks through manipulated content titles.
CVE-2009-1343 specifically affects 5.x and 6.x versions of the Drupal Print module and may not be relevant for later versions.