Lucene search
MitreCVE-2015-4373HistoryJun 15, 2015 - 2:59 p.m.
CVE-2015-4373
2015-06-1514:59:31
CWE-79
mitre
web.nvd.nist.gov
30
cve-2015-4373
cross-site scripting
xss
og tabs module
drupal
remote authenticated users
organic groups group
nvd
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
5.4
Confidence
High
EPSS
0.001
Percentile
41.9%
Cross-site scripting (XSS) vulnerability in the OG tabs module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to nodes posted in an Organic Groups group.
Affected configurations
Node
og_tabs_projectog_tabsRange≤7.x-1.0drupal
| Vendor | Product | Version | CPE |
|---|---|---|---|
| og_tabs_project | og_tabs | * | cpe:2.3:a:og_tabs_project:og_tabs:*:*:*:*:*:drupal:*:* |
Related
drupal
drupal
SA-CONTRIB-2015-077 - OG tabs - Cross Site Scripting (XSS)
2015-03-11 00:00:00
prion
prion
Cross site scripting
2015-06-15 14:59:00
cvelist
cvelist
CVE-2015-4373
2015-06-15 14:00:00
nvd
nvd
CVE-2015-4373
2015-06-15 14:59:31
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
5.4
Confidence
High
EPSS
0.001
Percentile
41.9%
Related for CVE-2015-4373