Lucene search
HistoryOct 17, 2014 - 2:55 p.m.
CVE-2014-8319
cve-2014-8319
cross-site scripting
xss vulnerability
easy social module
drupal
nvd
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
45.0%
Cross-site scripting (XSS) vulnerability in the easy_social_admin_summary function in the Easy Social module 7.x-2.x before 7.x-2.11 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a block title.
Affected configurations
Node
easy_social_projecteasy_socialMatch7.x-2.0drupal
OReasy_social_projecteasy_socialMatch7.x-2.1drupal
OReasy_social_projecteasy_socialMatch7.x-2.2drupal
OReasy_social_projecteasy_socialMatch7.x-2.3drupal
OReasy_social_projecteasy_socialMatch7.x-2.4drupal
OReasy_social_projecteasy_socialMatch7.x-2.5drupal
OReasy_social_projecteasy_socialMatch7.x-2.6drupal
OReasy_social_projecteasy_socialMatch7.x-2.7drupal
OReasy_social_projecteasy_socialMatch7.x-2.8drupal
OReasy_social_projecteasy_socialMatch7.x-2.9drupal
OReasy_social_projecteasy_socialMatch7.x-2.10drupal
Related
cvelist
cvelist
CVE-2014-8319
2014-10-17 14:00:00
prion
prion
Cross site scripting
2014-10-17 14:55:00
drupal
drupal
SA-CONTRIB-2014-019 - Easy Social - Cross Site Scripting (XSS)
2014-02-12 00:00:00
nvd
nvd
CVE-2014-8319
2014-10-17 14:55:03
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
45.0%
Related for CVE-2014-8319