Unrated severityNVD Advisory· Published Feb 25, 2009· Updated Jun 16, 2026
CVE-2008-6275
CVE-2008-6275
Description
Cross-site scripting (XSS) vulnerability in the User Karma module 5.x before 5.x-1.13 and 6.x before 6.x-1.0-beta1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified messages.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13cpe:2.3:a:drupal:user_karma_module:*:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:drupal:user_karma_module:*:*:*:*:*:*:*:*range: <=5.x-1.12
- cpe:2.3:a:drupal:user_karma_module:5.x-1.1:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:user_karma_module:5.x-1.10:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:user_karma_module:5.x-1.2:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:user_karma_module:5.x-1.3:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:user_karma_module:5.x-1.4:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:user_karma_module:5.x-1.5:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:user_karma_module:5.x-1.6:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:user_karma_module:5.x-1.7:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:user_karma_module:5.x-1.8:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:user_karma_module:5.x-1.9:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:user_karma_module:5.x-1.xdev:*:*:*:*:*:*:*
- (no CPE)range: 5.x before 5.x-1.13 and 6.x before 6.x-1.0-beta1
Patches
Vulnerability mechanics
References
5- drupal.org/node/339553nvdPatchVendor Advisory
- www.securityfocus.com/bid/32491nvdPatch
- secunia.com/advisories/32904nvdVendor Advisory
- osvdb.org/50208nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/46947nvd
News mentions
0No linked articles in our index yet.