CVE-2009-4063

Drupal OG <5.x-4.0, <5.x-3.4 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in the Subgroups for Organic Groups (OG) module 5.x before 5.x-4.0 and 5.x before 5.x-3.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified node titles.

References (6)

Scores

EPSS 0.0040
EPSS Percentile 60.6%

Classification

CWE
CWE-79
Status published

Affected Products (10)

ezra_barnett_gildesgame/og_subgroups
ezra_barnett_gildesgame/og_subgroups
ezra_barnett_gildesgame/og_subgroups
ezra_barnett_gildesgame/og_subgroups
ezra_barnett_gildesgame/og_subgroups
ezra_barnett_gildesgame/og_subgroups
ezra_barnett_gildesgame/og_subgroups
ezra_barnett_gildesgame/og_subgroups
ezra_barnett_gildesgame/og_subgroups
n/a/n/a

Timeline

Published Nov 24, 2009
Tracked Since Feb 18, 2026