Vulnerability Details CVE-2008-2849
Cross-site scripting (XSS) vulnerability in the TrailScout module 5.x before 5.x-1.4 for Drupal allows remote authenticated users, with create post permissions, to inject arbitrary web script or HTML via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 36.5%
CVSS Severity
CVSS v2 Score 3.5
References
- http://drupal.org/node/272191
- http://secunia.com/advisories/30764
- http://www.securityfocus.com/bid/29807
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43168
- http://drupal.org/node/272191
- http://secunia.com/advisories/30764
- http://www.securityfocus.com/bid/29807
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43168
Products affected by CVE-2008-2849
-
cpe:2.3:a:drupal:trailscout_module:5