Unrated severityNVD Advisory· Published Oct 9, 2009· Updated Jun 16, 2026
CVE-2009-3648
CVE-2009-3648
Description
Cross-site scripting (XSS) vulnerability in Service Links 6.x-1.0, a module for Drupal, allows remote authenticated users, with 'administer content types' permissions, to inject arbitrary web script or HTML via unspecified vectors when displaying content type names.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:apsivam:service_links:6.x-1.0:*:*:*:*:*:*:*
- Range: 6.x-1.0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.