CVE-2013-5938

2013-09-2514:00:00

mitre

www.cve.org

5.5 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.5%

JSON

Cross-site scripting (XSS) vulnerability in the Click2Sell Suite module 6.x-1.x for Drupal allows remote attackers to inject arbitrary web script or HTML via a confirmation form.

References

osvdb.org/97204

seclists.org/fulldisclosure/2013/Sep/64

www.openwall.com/lists/oss-security/2013/10/21/5

drupal.org/node/2087055

exchange.xforce.ibmcloud.com/vulnerabilities/87050