NVD

Id
259  
Name
CVE-2008-0274  
Description
Cross-site scripting (XSS) vulnerability in Drupal 4.7.x and 5.x, when certain .htaccess protections are disabled, allows remote attackers to inject arbitrary web script or HTML via crafted links involving theme .tpl.php files.  
Reject
 
CVSS Version
2  
CVSS Score
2.6  
Severity
Low  
CVSS Base Score
2.6  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-03  
Published
2008-01-15  
Modified Date
2011-03-07  
Seq
2008-0274  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
1810 259 CVE-2008-0274 http://drupal.org/node/208565  View
1811 259 CVE-2008-0274 27238  View
1812 259 CVE-2008-0274 http://www.vbdrupal.org/forum/showthread.php?p=6878  View
1813 259 CVE-2008-0274 http://www.vbdrupal.org/forum/showthread.php?t=1349  View
1814 259 CVE-2008-0274 ADV-2008-0127  View
1815 259 CVE-2008-0274 ADV-2008-0134  View
1816 259 CVE-2008-0274 drupal-theme-xss(39605)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
46793 JVNDB-2008-002103 Drupal における .htaccess 保護機能に関するクロスサイトスクリプティングの脆弱性 Drupal には、特定の .htaccess 保護機能が無効である場合、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2008-0274 30387 CVE-2008-0274 259 2.6 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002103.html 2008-01-15 2008-12-24 View