Lucene search

[email protected]CVE-2015-5514

HistoryAug 18, 2015 - 6:00 p.m.

CVE-2015-5514

2015-08-1818:00:20

CWE-79

[email protected]

web.nvd.nist.gov

cve-2015-5514

cross-site scripting

xss

migrate module

drupal

vulnerability

nvd

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.0%

JSON

Cross-site scripting (XSS) vulnerability in the Migrate module 7.x-2.x before 7.x-2.8 for Drupal, when the migrate_ui submodule is enabled, allows user-assisted remote attackers to inject arbitrary web script or HTML via a destination field label.

Affected configurations

NVD

Node

migrate_projectmigrateMatch7.x-2.0drupal

migrate_projectmigrateMatch7.x-2.0beta1drupal

migrate_projectmigrateMatch7.x-2.0beta2drupal

migrate_projectmigrateMatch7.x-2.0beta3drupal

migrate_projectmigrateMatch7.x-2.0rc1drupal

migrate_projectmigrateMatch7.x-2.0rc2drupal

migrate_projectmigrateMatch7.x-2.0rc3drupal

migrate_projectmigrateMatch7.x-2.1drupal

migrate_projectmigrateMatch7.x-2.1beta1drupal

migrate_projectmigrateMatch7.x-2.2drupal

migrate_projectmigrateMatch7.x-2.2rc1drupal

migrate_projectmigrateMatch7.x-2.2rc2drupal

migrate_projectmigrateMatch7.x-2.3drupal

migrate_projectmigrateMatch7.x-2.3rc1drupal

migrate_projectmigrateMatch7.x-2.4drupal

migrate_projectmigrateMatch7.x-2.4beta1drupal

migrate_projectmigrateMatch7.x-2.5drupal

migrate_projectmigrateMatch7.x-2.5rc1drupal

migrate_projectmigrateMatch7.x-2.5rc2drupal

migrate_projectmigrateMatch7.x-2.6drupal

migrate_projectmigrateMatch7.x-2.6beta1drupal

migrate_projectmigrateMatch7.x-2.6rc1drupal

migrate_projectmigrateMatch7.x-2.6rc2drupal

migrate_projectmigrateMatch7.x-2.7drupal

migrate_projectmigrateMatch7.x-2.7rc1drupal

CPENameOperatorVersion
migrate_project:migratemigrate project migrateeq7.x-2.0
migrate_project:migratemigrate project migrateeq7.x-2.1
migrate_project:migratemigrate project migrateeq7.x-2.2
migrate_project:migratemigrate project migrateeq7.x-2.3
migrate_project:migratemigrate project migrateeq7.x-2.4
migrate_project:migratemigrate project migrateeq7.x-2.5
migrate_project:migratemigrate project migrateeq7.x-2.6
migrate_project:migratemigrate project migrateeq7.x-2.7

CPE	Name	Operator	Version
migrate_project:migrate	migrate project migrate	eq	7.x-2.0
migrate_project:migrate	migrate project migrate	eq	7.x-2.1
migrate_project:migrate	migrate project migrate	eq	7.x-2.2
migrate_project:migrate	migrate project migrate	eq	7.x-2.3
migrate_project:migrate	migrate project migrate	eq	7.x-2.4
migrate_project:migrate	migrate project migrate	eq	7.x-2.5
migrate_project:migrate	migrate project migrate	eq	7.x-2.6
migrate_project:migrate	migrate project migrate	eq	7.x-2.7