hao/websafe-kb
1
0
派生 0
代码 工单 合并请求 1 工作流 软件包 项目 发布 百科 活动
文件
df455d7fb554c693cc4ff853ff46b7b8a75fd748
websafe-kb/08-threat-intel/registry/advisories/drupal--CVE-2006-4109.json

70 行
1.9 KiB
JSON
原始文件 Blame 文件历史

{
"canonical_id": "drupal--CVE-2006-4109",
"system_id": "drupal",
"display_name": "Drupal",
"category": "cms",
"advisory_mode": "core",
"title": "CVE-2006-4109",
"summary": "Cross-site scripting (XSS) vulnerability in Bibliography (biblio.module) 4.6 before revision 1.1.1.1.4.11 and 4.7 before revision 1.13.2.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",
"published_at": "2006-08-14T20:04:00.000",
"updated_at": "2025-04-03T01:03:51.193",
"severity": "medium",
"cvss_score": 4.3,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "http://drupal.org/node/77756",
"secondary_source_urls": [
"http://secunia.com/advisories/21435",
"http://www.securityfocus.com/bid/19441",
"http://www.vupen.com/english/advisories/2006/3227",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/28295"
],
"aliases": [
"CVE-2006-4109"
],
"cve_ids": [
"CVE-2006-4109"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"xss-output-encoding",
"file-upload-validation",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"historical_status": null,
"latest_status": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Drupal"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}
在新工单中引用 查看 Git Blame 复制永久链接