Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privileges, to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ron_jerome | bibliography | 5.x-1.5 |
| ron_jerome | bibliography | 6.x-1.0 |
| ron_jerome | bibliography | 6.x-1.0-beta4 |
| ron_jerome | bibliography | 5.x-1.0 |
| ron_jerome | bibliography | 6.x-1.6 |
| ron_jerome | bibliography | 6.x-1.0-beta9 |
| ron_jerome | bibliography | 5.x-1.4 |
| ron_jerome | bibliography | 6.x-1.1 |
| ron_jerome | bibliography | 5.x-1.x-dev |
| ron_jerome | bibliography | 5.x-1.7 |
| ron_jerome | bibliography | 6.x-1.0-beta3 |
| ron_jerome | bibliography | 6.x-1.0-beta2 |
| ron_jerome | bibliography | 5.x-1.2 |
| ron_jerome | bibliography | 6.x-1.0-beta8 |
| ron_jerome | bibliography | 6.x-1.2 |
| ron_jerome | bibliography | 6.x-1.0-beta7 |
| ron_jerome | bibliography | 6.x-1.4 |
| ron_jerome | bibliography | 6.x-1.0-beta6 |
| ron_jerome | bibliography | 6.x-1.0-beta1 |
| ron_jerome | bibliography | 6.x-1.3 |
| ron_jerome | bibliography | 5.x-1.1 |
| ron_jerome | bibliography | 6.x-1.x-dev |
| ron_jerome | bibliography | 6.x-1.0-beta5 |
| ron_jerome | bibliography | 6.x-1.5 |
| ron_jerome | bibliography | 5.x-1.3 |
| ron_jerome | bibliography | 5.x-1.6 |
Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privileges, to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-1358.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ron_jerome | bibliography | 6.x-1.0 |
| ron_jerome | bibliography | 6.x-1.0-beta4 |
| ron_jerome | bibliography | 5.x-1.17 |
| ron_jerome | bibliography | 5.x-1.0 |
| ron_jerome | bibliography | 6.x-1.6 |
| ron_jerome | bibliography | 5.x-1.14 |
| ron_jerome | bibliography | 6.x-1.0-beta9 |
| ron_jerome | bibliography | 6.x-1.1 |
| ron_jerome | bibliography | 6.x-1.0-beta3 |
| ron_jerome | bibliography | 6.x-1.0-beta2 |
| ron_jerome | bibliography | 6.x-1.0-beta8 |
| ron_jerome | bibliography | 5.x-1.13 |
| ron_jerome | bibliography | 6.x-1.2 |
| ron_jerome | bibliography | 6.x-1.0-beta7 |
| ron_jerome | bibliography | 5.x-1.11 |
| ron_jerome | bibliography | 5.x-1.16 |
| ron_jerome | bibliography | 6.x-1.4 |
| ron_jerome | bibliography | 5.x-1.10 |
| ron_jerome | bibliography | 6.x-1.0-beta6 |
| ron_jerome | bibliography | 6.x-1.0-beta1 |
| ron_jerome | bibliography | 6.x-1.3 |
| ron_jerome | bibliography | 5.x-1.1 |
| ron_jerome | bibliography | 6.x-1.x-dev |
| ron_jerome | bibliography | 5.x-1.15 |
| ron_jerome | bibliography | 6.x-1.0-beta5 |
| ron_jerome | bibliography | 6.x-1.5 |
| ron_jerome | bibliography | 5.x-1.12 |