Cross-Site Scripting Vulnerability in TrailScout Module for Drupal
CVE-2008-2849

Currently unrated

Key Information:

Vendor
Drupal
Status
Trailscout Module
Vendor
CVE Published:
25 June 2008

Summary

The TrailScout module for Drupal contains a vulnerability that permits unauthorized users with post creation rights to execute arbitrary web scripts or HTML code. This occurs through various unknown vectors, allowing for potential exploitation if proper safeguards are not in place. Attackers could leverage this flaw to manipulate site content or redirect users, posing a serious risk to the integrity and security of the application.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/43168
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/29807
vdb-entryx_refsource_BID
http://drupal.org/node/272191
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.