CVE-2015-7230

2022-10-0316:15:55

CWE-264

[email protected]

web.nvd.nist.gov

cve-2015-7230

workbench email

drupal

remote authentication

node validation

field validation

nvd

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

36.2%

JSON

The Workbench Email module 7.x-3.x before 7.x-3.4 for Drupal allows remote authenticated users with certain permissions to bypass node and field validation by saving a node.

Affected configurations

NVD

Node

workbench_email_projectworkbench_emailMatch7.x-3.0drupal

workbench_email_projectworkbench_emailMatch7.x-3.1drupal

workbench_email_projectworkbench_emailMatch7.x-3.2drupal

workbench_email_projectworkbench_emailMatch7.x-3.3drupal

CPENameOperatorVersion
workbench_email_project:workbench_emailworkbench email project workbench emaileq7.x-3.0
workbench_email_project:workbench_emailworkbench email project workbench emaileq7.x-3.1
workbench_email_project:workbench_emailworkbench email project workbench emaileq7.x-3.2
workbench_email_project:workbench_emailworkbench email project workbench emaileq7.x-3.3

CPE	Name	Operator	Version
workbench_email_project:workbench_email	workbench email project workbench email	eq	7.x-3.0
workbench_email_project:workbench_email	workbench email project workbench email	eq	7.x-3.1
workbench_email_project:workbench_email	workbench email project workbench email	eq	7.x-3.2
workbench_email_project:workbench_email	workbench email project workbench email	eq	7.x-3.3