VYPR
Unrated severityNVD Advisory· Published Apr 6, 2009· Updated Jun 16, 2026

CVE-2009-1249

CVE-2009-1249

Description

Cross-site scripting (XSS) vulnerability in Feed element mapper 5.x before 5.x-1.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via the content title in admin/content/node-type/nodetype/map.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10
  • cpe:2.3:a:drupal:feedapi_mapper:5.x-1.0:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:drupal:feedapi_mapper:5.x-1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:feedapi_mapper:5.x-1.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:drupal:feedapi_mapper:5.x-1.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:drupal:feedapi_mapper:5.x-1.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:drupal:feedapi_mapper:5.x-1.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:drupal:feedapi_mapper:5.x-1.0:beta5:*:*:*:*:*:*
    • cpe:2.3:a:drupal:feedapi_mapper:5.x-1.0:beta6:*:*:*:*:*:*
    • cpe:2.3:a:drupal:feedapi_mapper:5.x-1.0:beta7:*:*:*:*:*:*
    • cpe:2.3:a:drupal:feedapi_mapper:5.x-1.x:dev:*:*:*:*:*:*
  • Range: <5.x-1.1

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.