cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2009-1069,https://securityvulnerability.io/vulnerability/CVE-2009-1069,,"Multiple cross-site scripting (XSS) vulnerabilities in the node edit form feature in Drupal Content Construction Kit (CCK) 6.x before 6.x-2.2, a module for Drupal, allow remote attackers to inject arbitrary web script or HTML via the (1) titles of candidate referenced nodes in the Node reference sub-module and the (2) names of candidate referenced users in the User reference sub-module.",Drupal,Content Construction Kit,,,0.00279000005684793,false,,false,false,false,,,false,false,,2009-03-26T05:51:00.000Z,0
CVE-2008-6229,https://securityvulnerability.io/vulnerability/CVE-2008-6229,,"Cross-site scripting (XSS) vulnerability in the administrative interface in Drupal Content Construction Kit (CCK) 5.x before 5.x-1.10 and 6.x before 6.x-2.0, a module for Drupal, allows remote authenticated users with ""administer content"" permissions to inject arbitrary web script or HTML via (1) field labels and (2) content-type names.",Drupal,Content Construction Kit,,,0.0011099999537691474,false,,false,false,false,,,false,false,,2009-02-20T23:00:00.000Z,0
CVE-2007-4363,https://securityvulnerability.io/vulnerability/CVE-2007-4363,,"Multiple cross-site scripting (XSS) vulnerabilities in the nodereference module in Drupal Content Construction Kit (CCK) before 4.7.x-1.6, and 5.x before 5.x-1.6 ,allow remote attackers to inject arbitrary web script or HTML via nodereference fields, when using (1) the plain formatter or (2) the autocomplete text field widget without Views.module.",Drupal,Content Construction Kit,,,0.018699999898672104,false,,false,false,false,,,false,false,,2007-08-15T19:00:00.000Z,0