CVE-2009-1249
Drupal Feedapi Mapper - XSS
Title source: ruleDescription
Cross-site scripting (XSS) vulnerability in Feed element mapper 5.x before 5.x-1.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via the content title in admin/content/node-type/nodetype/map.
Scores
EPSS
0.0026
EPSS Percentile
48.7%
Classification
CWE
CWE-79
Status
published
Affected Products (10)
drupal/feedapi_mapper
drupal/feedapi_mapper
drupal/feedapi_mapper
drupal/feedapi_mapper
drupal/feedapi_mapper
drupal/feedapi_mapper
drupal/feedapi_mapper
drupal/feedapi_mapper
drupal/feedapi_mapper
n/a/n/a
Timeline
Published
Apr 06, 2009
Tracked Since
Feb 18, 2026