Lucene search

K
nvd[email protected]NVD:CVE-2008-1794
HistoryApr 15, 2008 - 5:05 p.m.

CVE-2008-1794

2008-04-1517:05:00
CWE-79
web.nvd.nist.gov
2

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.003

Percentile

71.7%

Multiple cross-site scripting (XSS) vulnerabilities in the Webform Drupal module 5.x before 5.x-1.10, 5.x-2.x before 5.x-2.0-beta3, and 6.x before 6.x-1.0-beta3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

Nvd
Node
drupalwebform_moduleMatch5.x-1.0
OR
drupalwebform_moduleMatch5.x-1.1
OR
drupalwebform_moduleMatch5.x-1.2
OR
drupalwebform_moduleMatch5.x-1.3
OR
drupalwebform_moduleMatch5.x-1.4
OR
drupalwebform_moduleMatch5.x-1.5
OR
drupalwebform_moduleMatch5.x-1.6
OR
drupalwebform_moduleMatch5.x-1.7
OR
drupalwebform_moduleMatch5.x-1.8
OR
drupalwebform_moduleMatch5.x-1.9
OR
drupalwebform_moduleMatch5.x-2.0beta1
OR
drupalwebform_moduleMatch5.x-2.0beta2
OR
drupalwebform_moduleMatch6.x-1.x-dev
VendorProductVersionCPE
drupalwebform_module5.x-1.0cpe:2.3:a:drupal:webform_module:5.x-1.0:*:*:*:*:*:*:*
drupalwebform_module5.x-1.1cpe:2.3:a:drupal:webform_module:5.x-1.1:*:*:*:*:*:*:*
drupalwebform_module5.x-1.2cpe:2.3:a:drupal:webform_module:5.x-1.2:*:*:*:*:*:*:*
drupalwebform_module5.x-1.3cpe:2.3:a:drupal:webform_module:5.x-1.3:*:*:*:*:*:*:*
drupalwebform_module5.x-1.4cpe:2.3:a:drupal:webform_module:5.x-1.4:*:*:*:*:*:*:*
drupalwebform_module5.x-1.5cpe:2.3:a:drupal:webform_module:5.x-1.5:*:*:*:*:*:*:*
drupalwebform_module5.x-1.6cpe:2.3:a:drupal:webform_module:5.x-1.6:*:*:*:*:*:*:*
drupalwebform_module5.x-1.7cpe:2.3:a:drupal:webform_module:5.x-1.7:*:*:*:*:*:*:*
drupalwebform_module5.x-1.8cpe:2.3:a:drupal:webform_module:5.x-1.8:*:*:*:*:*:*:*
drupalwebform_module5.x-1.9cpe:2.3:a:drupal:webform_module:5.x-1.9:*:*:*:*:*:*:*
Rows per page:
1-10 of 131

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.003

Percentile

71.7%

Related for NVD:CVE-2008-1794