Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2014-5021

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the...

2.1CVSS6.3AI score0.01127EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/08/05 12:0 a.m.25 views

Fedora Update for drupal7 FEDORA-2014-8515

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.9CVSS6.5AI score0.01323EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/07/29 12:0 a.m.31 views

Fedora 20 : drupal7-7.29-1.fc20 (2014-8485)

Fixes SA-CORE-2014-003. For details refer to: https://www.drupal.org/drupal-7.29-release-notes Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possibl...

5CVSS6.1AI score0.02772EPSS
Exploits0References7
NVD
NVD
added 2014/07/22 2:55 p.m.23 views

CVE-2014-5021

Cross-site scripting XSS vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via an option group label...

2.1CVSS5.2AI score0.01127EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2014/07/22 2:55 p.m.29 views

CVE-2014-5021

Cross-site scripting XSS vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via an option group label...

2.1CVSS6.5AI score0.01127EPSS
Exploits0References3
CVE
CVE
added 2014/07/22 2:0 p.m.72 views

CVE-2014-5021

CVE-2014-5021 concerns Drupal’s Form API XSS vulnerability. The vulnerability affects Drupal 6.x before 6.32 and potentially 7.x before 7.29, where remote authenticated users who possess the “administer taxonomy” permission can inject arbitrary script or HTML via an option group label. The impact...

2.1CVSS5.7AI score0.01127EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/07/22 2:0 p.m.42 views

CVE-2014-5021

Cross-site scripting XSS vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via an option group label...

5.8AI score0.01127EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/07/21 12:0 a.m.42 views

Debian DSA-2983-1 : drupal7 - security update

Multiple security issues have been discovered in the Drupal content management system, ranging from denial of service to cross-site scripting. More information can be found at https://www.drupal.org/SA-CORE-2014-003. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

5CVSS6AI score0.02772EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2014/07/21 12:0 a.m.40 views

Drupal 6.x < 6.32 / 7.x < 7.29 Multiple Vulnerabilities

The remote web server is running a version of Drupal that is 6.x prior to 6.32 or 7.x prior to 7.29. It is, therefore, potentially affected by the following vulnerabilities : - The HTTP Host header, which determines the configuration file used by Drupal core's multisite feature, does not properly...

5CVSS6.1AI score0.02772EPSS
Exploits0References7
Rows per page
Query Builder