Unrated severityNVD Advisory· Published Feb 14, 2014· Updated Jun 16, 2026
CVE-2013-4499
CVE-2013-4499
Description
Cross-site scripting (XSS) vulnerability in the Bean module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via the bean title.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:bean_project:bean:7.x-1.0:*:*:*:*:drupal:*:*+ 3 more
- cpe:2.3:a:bean_project:bean:7.x-1.0:*:*:*:*:drupal:*:*
- cpe:2.3:a:bean_project:bean:7.x-1.1:*:*:*:*:drupal:*:*
- cpe:2.3:a:bean_project:bean:7.x-1.2:*:*:*:*:drupal:*:*
- cpe:2.3:a:bean_project:bean:7.x-1.4:*:*:*:*:drupal:*:*
Patches
Vulnerability mechanics
References
3- drupal.org/node/2118867nvdPatch
- drupal.org/node/2118873nvdPatchVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/88278nvd
News mentions
0No linked articles in our index yet.