CVE-2013-7064

2014-04-2914:38:43

CWE-79

[email protected]

web.nvd.nist.gov

cve-2013-7064

cross-site scripting

xss

eu cookie compliance

drupal

nvd

security vulnerability

2.1 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:S/C:N/I:P/A:N

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.0%

JSON

Cross-site scripting (XSS) vulnerability in the EU Cookie Compliance module 7.x-1.x before 7.x-1.12 for Drupal allows remote authenticated administrators with the “Administer EU Cookie Compliance popup” permission to inject arbitrary web script or HTML via unspecified configuration values.

Affected configurations

NVD

Node

freelance-it-consultanteu_cookie_complianceRange≤7.x-1.11drupal

freelance-it-consultanteu_cookie_complianceMatch7.x-1.0drupal

freelance-it-consultanteu_cookie_complianceMatch7.x-1.1drupal

freelance-it-consultanteu_cookie_complianceMatch7.x-1.2drupal

freelance-it-consultanteu_cookie_complianceMatch7.x-1.6drupal

freelance-it-consultanteu_cookie_complianceMatch7.x-1.7drupal

freelance-it-consultanteu_cookie_complianceMatch7.x-1.8drupal

freelance-it-consultanteu_cookie_complianceMatch7.x-1.9drupal

freelance-it-consultanteu_cookie_complianceMatch7.x-1.10drupal

freelance-it-consultanteu_cookie_complianceMatch7.x-1.xdevdrupal

CPENameOperatorVersion
freelance-it-consultant:eu_cookie_compliancefreelance-it-consultant eu cookie compliancele7.x-1.11
freelance-it-consultant:eu_cookie_compliancefreelance-it-consultant eu cookie complianceeq7.x-1.0
freelance-it-consultant:eu_cookie_compliancefreelance-it-consultant eu cookie complianceeq7.x-1.1
freelance-it-consultant:eu_cookie_compliancefreelance-it-consultant eu cookie complianceeq7.x-1.2
freelance-it-consultant:eu_cookie_compliancefreelance-it-consultant eu cookie complianceeq7.x-1.6
freelance-it-consultant:eu_cookie_compliancefreelance-it-consultant eu cookie complianceeq7.x-1.7
freelance-it-consultant:eu_cookie_compliancefreelance-it-consultant eu cookie complianceeq7.x-1.8
freelance-it-consultant:eu_cookie_compliancefreelance-it-consultant eu cookie complianceeq7.x-1.9
freelance-it-consultant:eu_cookie_compliancefreelance-it-consultant eu cookie complianceeq7.x-1.10
freelance-it-consultant:eu_cookie_compliancefreelance-it-consultant eu cookie complianceeq7.x-1.x

CPE	Name	Operator	Version
freelance-it-consultant:eu_cookie_compliance	freelance-it-consultant eu cookie compliance	le	7.x-1.11
freelance-it-consultant:eu_cookie_compliance	freelance-it-consultant eu cookie compliance	eq	7.x-1.0
freelance-it-consultant:eu_cookie_compliance	freelance-it-consultant eu cookie compliance	eq	7.x-1.1
freelance-it-consultant:eu_cookie_compliance	freelance-it-consultant eu cookie compliance	eq	7.x-1.2
freelance-it-consultant:eu_cookie_compliance	freelance-it-consultant eu cookie compliance	eq	7.x-1.6
freelance-it-consultant:eu_cookie_compliance	freelance-it-consultant eu cookie compliance	eq	7.x-1.7
freelance-it-consultant:eu_cookie_compliance	freelance-it-consultant eu cookie compliance	eq	7.x-1.8
freelance-it-consultant:eu_cookie_compliance	freelance-it-consultant eu cookie compliance	eq	7.x-1.9
freelance-it-consultant:eu_cookie_compliance	freelance-it-consultant eu cookie compliance	eq	7.x-1.10
freelance-it-consultant:eu_cookie_compliance	freelance-it-consultant eu cookie compliance	eq	7.x-1.x