What is the severity of CVE-2009-2610?

CVE-2009-2610 has been rated as a medium severity vulnerability due to its potential for cross-site scripting attacks.

How do I fix CVE-2009-2610?

To fix CVE-2009-2610, upgrade the Links Package module to version 5.x-1.13 or later for Drupal 5.x, or to version 6.x-1.2 or later for Drupal 6.x.

Who is affected by CVE-2009-2610?

CVE-2009-2610 affects users of the Links Package module versions prior to 5.x-1.13 and 6.x-1.2 on Drupal.

What types of attacks can CVE-2009-2610 enable?

CVE-2009-2610 can allow remote authenticated users to inject arbitrary web scripts or HTML, potentially compromising the integrity of the website.

What software versions are vulnerable to CVE-2009-2610?

The vulnerable software versions include Links Package 5.x before 5.x-1.13 and 6.x before 6.x-1.2.

Vulnerability/
CVE-2009-2610

low

3.5

CWE

27/7/2009

17/9/2024

CVE-2009-2610: XSS

First published: Mon Jul 27 2009(Updated: )

Cross-site scripting (XSS) vulnerability in the Links Related module in the Links Package 5.x before 5.x-1.13 and 6.x before 6.x-1.2, a module for Drupal, allows remote authenticated users to inject arbitrary web script or HTML via the title field.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Drupal Drupal
Scott Courtney Links Package	=5.x-1.2
Scott Courtney Links Package	=5.x-1.4
Scott Courtney Links Package	=5.x-1.5
Scott Courtney Links Package	=5.x-1.6
Scott Courtney Links Package	=5.x-1.7
Scott Courtney Links Package	=5.x-1.8
Scott Courtney Links Package	=5.x-1.9
Scott Courtney Links Package	=5.x-1.11
Scott Courtney Links Package	=5.x-1.12
Scott Courtney Links Package	=5.x-1.12-beta1
Scott Courtney Links Package	=5.x-1.x-dev
Scott Courtney Links Package	=6.x-1.0
Scott Courtney Links Package	=6.x-1.0-beta1
Scott Courtney Links Package	=6.x-1.0-beta2
Scott Courtney Links Package	=6.x-1.0-beta3
Scott Courtney Links Package	=6.x-1.0-beta5
Scott Courtney Links Package	=6.x-1.0-beta6
Scott Courtney Links Package	=6.x-1.0-beta7
Scott Courtney Links Package	=6.x-1.0-beta10
Scott Courtney Links Package	=6.x-1.0-beta11
Scott Courtney Links Package	=6.x-1.0-beta12
Scott Courtney Links Package	=6.x-1.0-beta13
Scott Courtney Links Package	=6.x-1.0-beta14
Scott Courtney Links Package	=6.x-1.0-beta15
Scott Courtney Links Package	=6.x-1.1
Scott Courtney Links Package	=6.x-1.x-dev

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-2610?
CVE-2009-2610 has been rated as a medium severity vulnerability due to its potential for cross-site scripting attacks.
How do I fix CVE-2009-2610?
To fix CVE-2009-2610, upgrade the Links Package module to version 5.x-1.13 or later for Drupal 5.x, or to version 6.x-1.2 or later for Drupal 6.x.
Who is affected by CVE-2009-2610?
CVE-2009-2610 affects users of the Links Package module versions prior to 5.x-1.13 and 6.x-1.2 on Drupal.
What types of attacks can CVE-2009-2610 enable?
CVE-2009-2610 can allow remote authenticated users to inject arbitrary web scripts or HTML, potentially compromising the integrity of the website.
What software versions are vulnerable to CVE-2009-2610?
The vulnerable software versions include Links Package 5.x before 5.x-1.13 and 6.x before 6.x-1.2.

collector/nvd-historical
collector/nvd-index
agent/references
agent/type
agent/softwarecombine
agent/remedy
agent/author
agent/weakness
agent/severity
agent/tags
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
vendor/drupal
canonical/drupal drupal
vendor/scott courtney
canonical/scott courtney links package
version/scott courtney links package/5.x-1.2
version/scott courtney links package/5.x-1.4
version/scott courtney links package/5.x-1.5
version/scott courtney links package/5.x-1.6
version/scott courtney links package/5.x-1.7
version/scott courtney links package/5.x-1.8
version/scott courtney links package/5.x-1.9
version/scott courtney links package/5.x-1.11
version/scott courtney links package/5.x-1.12
version/scott courtney links package/5.x-1.12-beta1
version/scott courtney links package/5.x-1.x-dev
version/scott courtney links package/6.x-1.0
version/scott courtney links package/6.x-1.0-beta1
version/scott courtney links package/6.x-1.0-beta2
version/scott courtney links package/6.x-1.0-beta3
version/scott courtney links package/6.x-1.0-beta5
version/scott courtney links package/6.x-1.0-beta6
version/scott courtney links package/6.x-1.0-beta7
version/scott courtney links package/6.x-1.0-beta10
version/scott courtney links package/6.x-1.0-beta11
version/scott courtney links package/6.x-1.0-beta12
version/scott courtney links package/6.x-1.0-beta13
version/scott courtney links package/6.x-1.0-beta14
version/scott courtney links package/6.x-1.0-beta15
version/scott courtney links package/6.x-1.1
version/scott courtney links package/6.x-1.x-dev

Frequently Asked Questions

What is the severity of CVE-2009-2610?
CVE-2009-2610 has been rated as a medium severity vulnerability due to its potential for cross-site scripting attacks.
How do I fix CVE-2009-2610?
To fix CVE-2009-2610, upgrade the Links Package module to version 5.x-1.13 or later for Drupal 5.x, or to version 6.x-1.2 or later for Drupal 6.x.
Who is affected by CVE-2009-2610?
CVE-2009-2610 affects users of the Links Package module versions prior to 5.x-1.13 and 6.x-1.2 on Drupal.
What types of attacks can CVE-2009-2610 enable?
CVE-2009-2610 can allow remote authenticated users to inject arbitrary web scripts or HTML, potentially compromising the integrity of the website.
What software versions are vulnerable to CVE-2009-2610?
The vulnerable software versions include Links Package 5.x before 5.x-1.13 and 6.x before 6.x-1.2.

CVE-2009-2610: XSS

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-2610?

How do I fix CVE-2009-2610?

Who is affected by CVE-2009-2610?

What types of attacks can CVE-2009-2610 enable?

What software versions are vulnerable to CVE-2009-2610?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2009-2610?

How do I fix CVE-2009-2610?

Who is affected by CVE-2009-2610?

What types of attacks can CVE-2009-2610 enable?

What software versions are vulnerable to CVE-2009-2610?