Lucene search

MitreCVE-2014-4505

HistoryJun 20, 2014 - 2:55 p.m.

CVE-2014-4505

2014-06-2014:55:07

CWE-79

mitre

web.nvd.nist.gov

cve-2014-4505

cross-site scripting

xss

vulnerability

easy breadcrumb

drupal

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

60.3%

JSON

Cross-site scripting (XSS) vulnerability in the Easy Breadcrumb module 7.x-2.x before 7.x-2.10 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

Nvd

Node

roger_padilla_camachoeasy_breadcrumbMatch7.x-2.0drupal

roger_padilla_camachoeasy_breadcrumbMatch7.x-2.1drupal

roger_padilla_camachoeasy_breadcrumbMatch7.x-2.2drupal

roger_padilla_camachoeasy_breadcrumbMatch7.x-2.3drupal

roger_padilla_camachoeasy_breadcrumbMatch7.x-2.4drupal

roger_padilla_camachoeasy_breadcrumbMatch7.x-2.5drupal

roger_padilla_camachoeasy_breadcrumbMatch7.x-2.6drupal

roger_padilla_camachoeasy_breadcrumbMatch7.x-2.7drupal

roger_padilla_camachoeasy_breadcrumbMatch7.x-2.8drupal

roger_padilla_camachoeasy_breadcrumbMatch7.x-2.9drupal

VendorProductVersionCPE
roger_padilla_camachoeasy_breadcrumb7.x-2.0cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.0:*:*:*:*:drupal:*:*
roger_padilla_camachoeasy_breadcrumb7.x-2.1cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.1:*:*:*:*:drupal:*:*
roger_padilla_camachoeasy_breadcrumb7.x-2.2cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.2:*:*:*:*:drupal:*:*
roger_padilla_camachoeasy_breadcrumb7.x-2.3cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.3:*:*:*:*:drupal:*:*
roger_padilla_camachoeasy_breadcrumb7.x-2.4cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.4:*:*:*:*:drupal:*:*
roger_padilla_camachoeasy_breadcrumb7.x-2.5cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.5:*:*:*:*:drupal:*:*
roger_padilla_camachoeasy_breadcrumb7.x-2.6cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.6:*:*:*:*:drupal:*:*
roger_padilla_camachoeasy_breadcrumb7.x-2.7cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.7:*:*:*:*:drupal:*:*
roger_padilla_camachoeasy_breadcrumb7.x-2.8cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.8:*:*:*:*:drupal:*:*
roger_padilla_camachoeasy_breadcrumb7.x-2.9cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.9:*:*:*:*:drupal:*:*

Vendor	Product	Version	CPE
roger_padilla_camacho	easy_breadcrumb	7.x-2.0	cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.0:::::drupal::
roger_padilla_camacho	easy_breadcrumb	7.x-2.1	cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.1:::::drupal::
roger_padilla_camacho	easy_breadcrumb	7.x-2.2	cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.2:::::drupal::
roger_padilla_camacho	easy_breadcrumb	7.x-2.3	cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.3:::::drupal::
roger_padilla_camacho	easy_breadcrumb	7.x-2.4	cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.4:::::drupal::
roger_padilla_camacho	easy_breadcrumb	7.x-2.5	cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.5:::::drupal::
roger_padilla_camacho	easy_breadcrumb	7.x-2.6	cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.6:::::drupal::
roger_padilla_camacho	easy_breadcrumb	7.x-2.7	cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.7:::::drupal::
roger_padilla_camacho	easy_breadcrumb	7.x-2.8	cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.8:::::drupal::
roger_padilla_camacho	easy_breadcrumb	7.x-2.9	cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.9:::::drupal::

References

secunia.com/advisories/59379

www.securityfocus.com/bid/68106

www.drupal.org/node/2286121

www.drupal.org/node/2288353

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

60.3%

JSON

Related for CVE-2014-4505