Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2014-5022
HistoryJul 22, 2014 - 2:55 p.m.

CVE-2014-5022

2014-07-2214:55:00
Debian Security Bug Tracker
security-tracker.debian.org
4

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in the Ajax system in Drupal 7.x before 7.29 allows remote attackers to inject arbitrary web script or HTML via vectors involving forms with an Ajax-enabled textfield and a file field.

OSVersionArchitecturePackageVersionFilename
Debian9alldrupal7< 7.52-2+deb9u11drupal7_7.52-2+deb9u11_all.deb

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

Related for DEBIANCVE:CVE-2014-5022