Lucene search

K

PRIOn knowledge basePRION:CVE-2015-6665

HistoryAug 24, 2015 - 2:59 p.m.

Cross site scripting

2015-08-2414:59:00

PRIOn knowledge base

www.prio-n.com

2

6.1 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

70.7%

Cross-site scripting (XSS) vulnerability in the Ajax handler in Drupal 7.x before 7.39 and the Ctools module 6.x-1.x before 6.x-1.14 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving a whitelisted HTML element, possibly related to the “a” tag.

CPENameOperatorVersion
ctoolseq6.x-1.0 beta4
ctoolseq6.x-1.0 alpha2
ctoolseq6.120.11
ctoolseq6.x-1.0 beta3
ctoolseq6.x-1.0 rc1
ctoolseq6.120.17
ctoolseq6.120.16
ctoolseq6.x-1.0 alpha1
ctoolseq6.120.10
ctoolseq6.120.14

Rows per page:

1-10 of 781

References

www.debian.org/security/2015/dsa-3346

www.securityfocus.com/bid/76431

www.securitytracker.com/id/1033358

lists.fedoraproject.org/pipermail/package-announce/2015-August/165061.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/165674.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/165690.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/165695.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/165704.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/165723.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/165724.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/165733.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/165840.html

www.drupal.org/node/2554133

www.drupal.org/node/2554145

www.drupal.org/SA-CORE-2015-003

6.1 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

70.7%

Related for PRION:CVE-2015-6665

cve1 nessus12 debiancve1 ubuntucve1 openvas9 drupal2 fedora7 securityvulns2 debian1 osv1 mageia1