ID OSVDB:36343Type osvdbReporter Chad Phillips()Modified 2007-07-13T17:37:55
Description
No description provided by the source
References:
Secunia Advisory ID:26028
Other Advisory URL: http://drupal.org/node/158921
Mail List Post: http://archives.neohapsis.com/archives/secunia/2007-q3/0157.html
ISS X-Force ID: 35387
FrSIRT Advisory: ADV-2007-2526
CVE-2007-3817
Bugtraq ID: 24901
{"bulletinFamily": "software", "viewCount": 0, "reporter": "Chad Phillips()", "references": [], "description": "# No description provided by the source\n\n## References:\n[Secunia Advisory ID:26028](https://secuniaresearch.flexerasoftware.com/advisories/26028/)\nOther Advisory URL: http://drupal.org/node/158921\nMail List Post: http://archives.neohapsis.com/archives/secunia/2007-q3/0157.html\nISS X-Force ID: 35387\nFrSIRT Advisory: ADV-2007-2526\n[CVE-2007-3817](https://vulners.com/cve/CVE-2007-3817)\nBugtraq ID: 24901\n", "affectedSoftware": [], "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "a07f44ff62f7aa93494da0fa10ef7f70"}, {"key": "cvss", "hash": "6e9bdd2021503689a2ad9254c9cdf2b3"}, {"key": "description", "hash": "6378578e0be091fc6a6238994e632739"}, {"key": "href", "hash": "d79a970b163e8255400f1962d6fceee4"}, {"key": "modified", "hash": "de88a62f1514b48581400aecd4f07a33"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "de88a62f1514b48581400aecd4f07a33"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "74c2af99aa34a88f545d51e7063a314f"}, {"key": "title", "hash": "966cbb229ef53908b3eb4a42bcdf4781"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "href": "https://vulners.com/osvdb/OSVDB:36343", "modified": "2007-07-13T17:37:55", "objectVersion": "1.2", "enchantments": {"score": {"value": 6.0, "vector": "NONE", "modified": "2017-04-28T13:20:32"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-3817"]}], "modified": "2017-04-28T13:20:32"}, "vulnersScore": 6.0}, "id": "OSVDB:36343", "title": "Drupal LoginToboggan Module Crafted Username XSS", "hash": "eb228fa0fa0681813a144b49d87fad90c95a76ae88dff40661fc2c83715b4919", "edition": 1, "published": "2007-07-13T17:37:55", "type": "osvdb", "history": [], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "cvelist": ["CVE-2007-3817"], "lastseen": "2017-04-28T13:20:32"}
{"cve": [{"lastseen": "2019-05-29T18:09:00", "bulletinFamily": "NVD", "description": "Cross-site scripting (XSS) vulnerability in the LoginToboggan module 4.7.x-1.0, 4.7.x-1.x-dev, and 5.x-1.x-dev before 20070712 for Drupal, when configured to display a \"Log out\" link, allows remote attackers to inject arbitrary web script or HTML via a crafted username. NOTE: Drupal sanitizes the username by removing certain characters, so this might not be a vulnerability on default installations.", "modified": "2017-07-29T01:32:00", "id": "CVE-2007-3817", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3817", "published": "2007-07-17T01:30:00", "title": "CVE-2007-3817", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}]}
