{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-24T04:31:51.648","vulnerabilities":[{"cve":{"id":"CVE-2008-6170","sourceIdentifier":"cve@mitre.org","published":"2009-02-19T15:30:00.420","lastModified":"2026-04-23T00:35:47.467","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and 6.x before 6.6 allows remote authenticated users with create book content or edit node book hierarchy permissions to inject arbitrary web script or HTML via the book page title."},{"lang":"es","value":"Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados(XSS) en Drupal v5.x anterior a v5.12 v6.x anterior a v6.6, lo que permite a usuarios remotos autenticados con permisos para crear contenidos de libros o editar la jerarquía de nodos de los libros inyectar secuencias de comandos web o HTML a través de la pagina de titulo del libro."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:5.0:*:*:*:*:*:*:*","matchCriteriaId":"BDBE79A6-5762-4A7C-8FDA-C11FFFDCFC9B"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:5.1:*:*:*:*:*:*:*","matchCriteriaId":"A5BCAB7B-DF79-4DB8-A5C4-731F251A02A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:5.2:*:*:*:*:*:*:*","matchCriteriaId":"E5AEAB73-F7A9-4C62-BCB6-1028DAF149DB"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:5.3:*:*:*:*:*:*:*","matchCriteriaId":"FF34F79B-6B1B-45CA-82BA-24D4254B26DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:5.4:*:*:*:*:*:*:*","matchCriteriaId":"1C4C5857-3690-4D74-B135-B6AB7E766FB7"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:5.5:*:*:*:*:*:*:*","matchCriteriaId":"1EC12E03-C4B0-4B2F-B70B-0EB19C450AB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:5.6:*:*:*:*:*:*:*","matchCriteriaId":"FD50E551-7609-45EF-B2C6-3873D9CF8DB6"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:5.7:*:*:*:*:*:*:*","matchCriteriaId":"327712EE-8E9B-4A62-94A8-504C9CD2DE97"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:5.8:*:*:*:*:*:*:*","matchCriteriaId":"0C4FC56B-0289-411C-88BF-144D7338D456"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:5.9:*:*:*:*:*:*:*","matchCriteriaId":"ED3ECEA7-E6D3-43E8-A281-56C7F95A0B7F"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:5.10:*:*:*:*:*:*:*","matchCriteriaId":"28BE4DF7-6884-49BA-99D0-FCAE6DB75242"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:5.11:*:*:*:*:*:*:*","matchCriteriaId":"DE7287CD-A5FB-4428-8656-F466A8E47463"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*","matchCriteriaId":"FFE07AAD-9207-4C5F-A108-7F7753E4F48C"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*","matchCriteriaId":"52D8F291-CBEB-4EAA-9388-F63066A2DFA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*","matchCriteriaId":"B0BD5AEC-F20E-4E53-AF3F-2C60BA2D2171"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*","matchCriteriaId":"A5D76BC5-0409-4D78-8064-A78B923E9167"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*","matchCriteriaId":"BB73B2E1-2554-4CA2-9C82-B694509CE43A"},{"vulnerable":true,"criteria":"cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*","matchCriteriaId":"3A7827ED-D8AF-42B3-B514-39A04EB0879A"}]}]}],"references":[{"url":"http://drupal.org/node/324824","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"http://secunia.com/advisories/32297","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/32441","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/31882","source":"cve@mitre.org"},{"url":"http://www.vupen.com/english/advisories/2008/2913","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46052","source":"cve@mitre.org"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00783.html","source":"cve@mitre.org"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00826.html","source":"cve@mitre.org"},{"url":"http://drupal.org/node/324824","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://secunia.com/advisories/32297","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/32441","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/31882","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2008/2913","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46052","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00783.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00826.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}