更新: 2423 个文件 - 2026-03-18 14:23:01

08-threat-intel/registry/advisories/drupal--CVE-2006-4109.json

@@ -0,0 +1,69 @@
+{
+  "canonical_id": "drupal--CVE-2006-4109",
+  "system_id": "drupal",
+  "display_name": "Drupal",
+  "category": "cms",
+  "advisory_mode": "core",
+  "title": "CVE-2006-4109",
+  "summary": "Cross-site scripting (XSS) vulnerability in Bibliography (biblio.module) 4.6 before revision 1.1.1.1.4.11 and 4.7 before revision 1.13.2.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",
+  "published_at": "2006-08-14T20:04:00.000",
+  "updated_at": "2025-04-03T01:03:51.193",
+  "severity": "medium",
+  "cvss_score": 4.3,
+  "exploit_status": "unknown",
+  "source_confidence": "official",
+  "official_source_url": "http://drupal.org/node/77756",
+  "secondary_source_urls": [
+    "http://secunia.com/advisories/21435",
+    "http://www.securityfocus.com/bid/19441",
+    "http://www.vupen.com/english/advisories/2006/3227",
+    "https://exchange.xforce.ibmcloud.com/vulnerabilities/28295"
+  ],
+  "aliases": [
+    "CVE-2006-4109"
+  ],
+  "cve_ids": [
+    "CVE-2006-4109"
+  ],
+  "ghsa_ids": [],
+  "osv_ids": [],
+  "affected_versions": [],
+  "fixed_versions": [],
+  "package_name": null,
+  "render_markdown": false,
+  "case_path": null,
+  "secure_code_topics": [
+    "authz-server-side-recheck",
+    "xss-output-encoding",
+    "file-upload-validation",
+    "plugin-extension-trust-policy"
+  ],
+  "status": "triage",
+  "triage_reasons": [
+    "missing affected/fixed version details"
+  ],
+  "verification_status": "triage-manual",
+  "verification_mode": "synthetic",
+  "last_verified_at": null,
+  "last_run_id": null,
+  "evidence_bundle": null,
+  "historical_status": null,
+  "latest_status": null,
+  "browser_evidence": {
+    "required": false,
+    "present": false,
+    "refs": []
+  },
+  "repro_profile_id": "xss-generic",
+  "artifact_mode": "official-image",
+  "blocked_reason": null,
+  "metadata": {
+    "source_names": [
+      "NVD Drupal"
+    ],
+    "source_kinds": [
+      "nvd-search"
+    ],
+    "candidate_count": 1
+  }
+}