CVE-2009-3918

Zoomify <6.x-1.4 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in the Zoomify module 5.x before 5.x-2.2 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via the node title.

References (7)

Scores

EPSS 0.0040
EPSS Percentile 60.6%

Classification

CWE
CWE-79
Status published

Affected Products (11)

karim_ratib/zoomify
karim_ratib/zoomify
karim_ratib/zoomify
karim_ratib/zoomify
karim_ratib/zoomify
karim_ratib/zoomify
karim_ratib/zoomify
karim_ratib/zoomify
karim_ratib/zoomify
karim_ratib/zoomify
n/a/n/a

Timeline

Published Nov 09, 2009
Tracked Since Feb 18, 2026