CVE 2009-2373
Cross-site scripting (XSS) vulnerability in the Forum module in Drupal 6.x before 6.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Related bugs and status
CVE-2009-2373 (Candidate) is related to these bugs:
Bug #395004: Drupal 6.13 released to fix moderately critical security vulnerability
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 395004 | Drupal 6.13 released to fix moderately critical security vulnerability | drupal6 (Ubuntu) | Medium | Invalid | ||
| 395004 | Drupal 6.13 released to fix moderately critical security vulnerability | drupal6 (Ubuntu Jaunty) | Medium | Invalid | ||
| 395004 | Drupal 6.13 released to fix moderately critical security vulnerability | drupal6 (Ubuntu Karmic) | Medium | Invalid | ||
Bug #431080: Fix critical security issues in drupal packages
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 431080 | Fix critical security issues in drupal packages | drupal5 (Ubuntu) | Undecided | Fix Released | ||
| 431080 | Fix critical security issues in drupal packages | drupal5 (Ubuntu Hardy) | Undecided | Fix Released | ||
| 431080 | Fix critical security issues in drupal packages | drupal5 (Ubuntu Intrepid) | Undecided | Fix Released | ||
| 431080 | Fix critical security issues in drupal packages | drupal5 (Ubuntu Jaunty) | Undecided | Fix Released | ||
| 431080 | Fix critical security issues in drupal packages | drupal5 (Ubuntu Karmic) | Undecided | Fix Released | ||
| 431080 | Fix critical security issues in drupal packages | drupal5 (Debian) | Unknown | Fix Released | ||
| 431080 | Fix critical security issues in drupal packages | drupal6 (Ubuntu) | Undecided | Fix Released | ||
| 431080 | Fix critical security issues in drupal packages | drupal6 (Ubuntu Hardy) | Undecided | Invalid | ||
| 431080 | Fix critical security issues in drupal packages | drupal6 (Ubuntu Intrepid) | Undecided | Invalid | ||
| 431080 | Fix critical security issues in drupal packages | drupal6 (Ubuntu Jaunty) | Undecided | Fix Released | ||
| 431080 | Fix critical security issues in drupal packages | drupal6 (Ubuntu Karmic) | Undecided | Fix Released | ||
| 431080 | Fix critical security issues in drupal packages | drupal6 (Debian) | Unknown | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
