VYPR
Unrated severityNVD Advisory· Published Apr 27, 2010· Updated Jun 16, 2026

CVE-2009-4829

CVE-2009-4829

Description

Cross-site scripting (XSS) vulnerability in the Automated Logout module 6.x-1.x before 6.x-1.7 and 6.x-2.x before 6.x-2.3 for Drupal allows remote authenticated users with administer autologout privileges to inject arbitrary web script or HTML via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

14
  • cpe:2.3:a:james_glasgow:autologout:6.x-1.0:beta:*:*:*:*:*:*+ 12 more
    • cpe:2.3:a:james_glasgow:autologout:6.x-1.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:james_glasgow:autologout:6.x-1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:james_glasgow:autologout:6.x-1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:james_glasgow:autologout:6.x-1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:james_glasgow:autologout:6.x-1.x:dev:*:*:*:*:*:*
    • cpe:2.3:a:james_glasgow:autologout:6.x-2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:james_glasgow:autologout:6.x-2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:john_vandervort:autologout:6.x-1.1:beta:*:*:*:*:*:*
    • cpe:2.3:a:john_vandervort:autologout:6.x-1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:john_vandervort:autologout:6.x-1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:john_vandervort:autologout:6.x-1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:john_vandervort:autologout:6.x-2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:john_vandervort:autologout:6.x-2.x:dev:*:*:*:*:*:*
  • Range: <6.x-1.7, <6.x-2.3

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.