Term Merge
1 CVEs
product
Monthly
Cross-site scripting (XSS) vulnerability in the Term Merge module before 7.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.
XSS
Term Merge
NVD
CVSS 2.0
3.5
EPSS
0.2%
EPSS 0%
CVSS 3.5
LOW
PATCH
Monitor
Cross-site scripting (XSS) vulnerability in the Term Merge module before 7.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.
XSS
Term Merge
NVD