CVE Vulnerabilities

CVE-2007-3818

Published: Jul 17, 2007 | Modified: Oct 31, 2012
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
3.5 LOW
AV:N/AC:M/Au:S/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting (XSS) vulnerability in the LoginToboggan module 5.x-1.x-dev before 20070712 for Drupal allows remote authenticated users with administer blocks permission to inject arbitrary JavaScript and gain privileges via the message displayed above the default user login block.

Affected Software

Name Vendor Start Version End Version
Logintoboggan_module Drupal * 5.x-1.x-dev
Logintoboggan_module Drupal * 4.7.x-1.0

References