CVE-2009-3648
CVE-2009-3648 · LOW Severity
AV:N/AC:M/AU:S/C:N/I:P/A:N
Cross-site scripting (XSS) vulnerability in Service Links 6.x-1.0, a module for Drupal, allows remote authenticated users, with 'administer content types' permissions, to inject arbitrary web script or HTML via unspecified vectors when displaying content type names.
Learn more about our Web App Pen Testing.