Vulnerability Details CVE-2014-9364
Cross-site scripting (XSS) vulnerability in the Unified Login form in the LoginToboggan module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.9%
CVSS Severity
CVSS v2 Score 4.3
References
Products affected by CVE-2014-9364
-
cpe:2.3:a:logintoboggan_project:logintoboggan:7.x-1.0
-
cpe:2.3:a:logintoboggan_project:logintoboggan:7.x-1.1
-
cpe:2.3:a:logintoboggan_project:logintoboggan:7.x-1.2
-
cpe:2.3:a:logintoboggan_project:logintoboggan:7.x-1.3
-
cpe:2.3:a:logintoboggan_project:logintoboggan:7.x-1.x