CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-13308

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Browser Back Button allows Cross-Site Scripting (XSS).This issue affects Browser Back Button: from 1.0.0 before 2.0.2.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 16.9%

CVSS Severity

CVSS v3 Score 3.8

References

https://www.drupal.org/sa-contrib-2024-072

Products affected by CVE-2024-13308

Browser Back Button Project » Browser Back Button » Version: 2.0.0

cpe:2.3:a:browser_back_button_project:browser_back_button:2.0.0
Browser Back Button Project » Browser Back Button » Version: 2.0.1

cpe:2.3:a:browser_back_button_project:browser_back_button:2.0.1
Browser Back Button Project » Browser Back Button » Version: 8.x-1.0

cpe:2.3:a:browser_back_button_project:browser_back_button:8.x-1.0
Browser Back Button Project » Browser Back Button » Version: 8.x-1.1

cpe:2.3:a:browser_back_button_project:browser_back_button:8.x-1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-13308

Products

Pricing

Contact Us