Lucene search

PRIOn knowledge basePRION:CVE-2015-2086

HistoryFeb 26, 2015 - 3:59 p.m.

Cross site scripting

2015-02-2615:59:00

PRIOn knowledge base

www.prio-n.com

5.7 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

31.8%

JSON

Cross-site scripting (XSS) vulnerability in the live preview in the Panopoly Magic module before 7.x-1.17 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a pane title.

CPENameOperatorVersion
panopoly_magiceq<= 7.x-1.16

CPE	Name	Operator	Version
	panopoly_magic	eq	<= 7.x-1.16

References

www.securityfocus.com/bid/72671

www.drupal.org/node/2428749

www.drupal.org/node/2428799

5.7 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

31.8%

JSON

Related for PRION:CVE-2015-2086