Unrated severityNVD Advisory· Published Oct 9, 2009· Updated Jun 16, 2026
CVE-2009-3653
CVE-2009-3653
Description
Cross-site scripting (XSS) vulnerability in the additional links interface in XML Sitemap 5.x-1.6, a module for Drupal, allows remote authenticated users, with "administer site configuration" permission, to inject arbitrary web script or HTML via unspecified vectors, related to link path output.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:darren_oh:xml_sitemap:5.x-1.6:*:*:*:*:*:*:*
- Range: =5.x-1.6
Patches
Vulnerability mechanics
References
4- drupal.org/node/591724nvdPatchVendor Advisory
- drupal.org/node/591732nvdPatchVendor Advisory
- www.securityfocus.com/bid/36556nvdPatch
- exchange.xforce.ibmcloud.com/vulnerabilities/53572nvd
News mentions
0No linked articles in our index yet.