CVE-2007-3818

2007-07-16T21:30:00
ID CVE-2007-3818
Type cve
Reporter NVD
Modified 2012-10-30T22:39:57

Description

Cross-site scripting (XSS) vulnerability in the LoginToboggan module 5.x-1.x-dev before 20070712 for Drupal allows remote authenticated users with "administer blocks" permission to inject arbitrary JavaScript and gain privileges via "the message displayed above the default user login block."