Unrated severityNVD Advisory· Published Nov 24, 2009· Updated Jun 16, 2026
CVE-2009-4064
CVE-2009-4064
Description
Cross-site scripting (XSS) vulnerability in the Gallery Assist module 6.x before 6.x-1.7 for Drupal allows remote attackers to inject arbitrary web script or HTML via node titles.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:puntolatinoclub:gallery_assist_module:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:puntolatinoclub:gallery_assist_module:*:*:*:*:*:*:*:*range: <=6.x-1.6
- cpe:2.3:a:puntolatinoclub:gallery_assist_module:6.x-1.5:*:*:*:*:*:*:*
- cpe:2.3:a:puntolatinoclub:gallery_assist_module:6.x-1.6-beta1:*:*:*:*:*:*:*
- cpe:2.3:a:puntolatinoclub:gallery_assist_module:6.x-1.6-dev:*:*:*:*:*:*:*
- Range: <6.x-1.7
Patches
Vulnerability mechanics
References
6- drupal.org/node/636488nvdPatch
- drupal.org/node/636660nvdPatchVendor Advisory
- www.securityfocus.com/bid/37061nvdPatch
- secunia.com/advisories/37425nvdVendor Advisory
- osvdb.org/60270nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/54347nvd
News mentions
0No linked articles in our index yet.