CVE-2009-3488

Name of the Vulnerable Software and Affected Versions Bibliography module versions 6.x-1.6

Description The issue is related to a cross-site scripting (XSS) vulnerability. It allows remote authenticated users with certain content-creation privileges to inject arbitrary web script or HTML via the Title field.

Recommendations For version 6.x-1.6, consider restricting access to the Bibliography module to minimize the risk of exploitation. As a temporary workaround, avoid using the Title field in the Bibliography module until a fix is available.