PT-2009-5923 · Drupal · Browscap

Greg Knaddison

Published

2009-10-09

Updated

2017-08-17

CVE-2009-3651

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Browscap versions prior to 5.x-1.1 Browscap versions prior to 6.x-1.1

Description A cross-site scripting (XSS) issue exists in the Monitor browsers' feature of the Browscap module for Drupal. This issue allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header.

Recommendations For Browscap versions prior to 5.x-1.1, update to version 5.x-1.1 or later. For Browscap versions prior to 6.x-1.1, update to version 6.x-1.1 or later.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2009-3651

Affected Products

Browscap

PT-2009-5923 · Drupal · Browscap

CVE-2009-3651

Weakness Enumeration

Related Identifiers

Affected Products

References · 8