Vulnerability Details CVE-2013-5938
Cross-site scripting (XSS) vulnerability in the Click2Sell Suite module 6.x-1.x for Drupal allows remote attackers to inject arbitrary web script or HTML via a confirmation form.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.3%
CVSS Severity
CVSS v2 Score 4.3
References
- http://osvdb.org/97204
- http://seclists.org/fulldisclosure/2013/Sep/64
- http://www.openwall.com/lists/oss-security/2013/10/21/5
- https://drupal.org/node/2087055
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87050
- http://osvdb.org/97204
- http://seclists.org/fulldisclosure/2013/Sep/64
- http://www.openwall.com/lists/oss-security/2013/10/21/5
- https://drupal.org/node/2087055
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87050
Products affected by CVE-2013-5938
-
cpe:2.3:a:click2sell:click2sell_suite_module:6.x-1.0
-
cpe:2.3:a:drupal:drupal:-