CVE-2014-9362

2014-12-1020:59:01

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

30.9%

JSON

Cross-site scripting (XSS) vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users with the “Edit path based meta tags” permission to inject arbitrary web script or HTML via vectors related to deleting a Path-based Metatag.

Affected configurations

Nvd

Node

meta_tags_quick_projectmeta_tags_quickMatch7.x-2.0drupal

meta_tags_quick_projectmeta_tags_quickMatch7.x-2.1drupal

meta_tags_quick_projectmeta_tags_quickMatch7.x-2.2drupal

meta_tags_quick_projectmeta_tags_quickMatch7.x-2.3drupal

meta_tags_quick_projectmeta_tags_quickMatch7.x-2.4drupal

meta_tags_quick_projectmeta_tags_quickMatch7.x-2.5drupal

meta_tags_quick_projectmeta_tags_quickMatch7.x-2.6drupal

meta_tags_quick_projectmeta_tags_quickMatch7.x-2.7drupal

VendorProductVersionCPE
meta_tags_quick_projectmeta_tags_quick7.x-2.0cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.0:*:*:*:*:drupal:*:*
meta_tags_quick_projectmeta_tags_quick7.x-2.1cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.1:*:*:*:*:drupal:*:*
meta_tags_quick_projectmeta_tags_quick7.x-2.2cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.2:*:*:*:*:drupal:*:*
meta_tags_quick_projectmeta_tags_quick7.x-2.3cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.3:*:*:*:*:drupal:*:*
meta_tags_quick_projectmeta_tags_quick7.x-2.4cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.4:*:*:*:*:drupal:*:*
meta_tags_quick_projectmeta_tags_quick7.x-2.5cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.5:*:*:*:*:drupal:*:*
meta_tags_quick_projectmeta_tags_quick7.x-2.6cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.6:*:*:*:*:drupal:*:*
meta_tags_quick_projectmeta_tags_quick7.x-2.7cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.7:*:*:*:*:drupal:*:*

Vendor	Product	Version	CPE
meta_tags_quick_project	meta_tags_quick	7.x-2.0	cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.0:::::drupal::
meta_tags_quick_project	meta_tags_quick	7.x-2.1	cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.1:::::drupal::
meta_tags_quick_project	meta_tags_quick	7.x-2.2	cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.2:::::drupal::
meta_tags_quick_project	meta_tags_quick	7.x-2.3	cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.3:::::drupal::
meta_tags_quick_project	meta_tags_quick	7.x-2.4	cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.4:::::drupal::
meta_tags_quick_project	meta_tags_quick	7.x-2.5	cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.5:::::drupal::
meta_tags_quick_project	meta_tags_quick	7.x-2.6	cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.6:::::drupal::
meta_tags_quick_project	meta_tags_quick	7.x-2.7	cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.7:::::drupal::