Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:29 a.m.5 views

CVE-2015-2101

Cross-site scripting XSS vulnerability in the Navigate bar in the Navigate module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01521EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/02/27 3:0 p.m.20 views

CVE-2015-2101

Cross-site scripting XSS vulnerability in the Navigate bar in the Navigate module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.01521EPSS
Exploits0References4
CVE
CVE
added 2015/02/27 3:0 p.m.56 views

CVE-2015-2101

The CVE-2015-2101 entry concerns the Drupal Navigate module (6.x-1.x prior to 6.x-1.1; 7.x-1.x prior to 7.x-1.1). The underlying issue is insufficient sanitization of user input in the Navigate bar, leading to a Cross-Site Scripting (XSS) vulnerability that could allow remote attackers to inject ...

4.3CVSS5.9AI score0.01521EPSS
Exploits0References4Affected Software1
Drupal
Drupal
added 2015/02/18 12:0 a.m.17 views

SA-CONTRIB-2015-049 - Navigate - Cross Site Scripting (XSS)

Navigate is a customizable navigation bar for Drupal. The module doesn't sufficiently sanitize user input when displaying the Navigate bar. Because the vulnerability is a Reflected Cross Site Scripting, the only mitigating factor is that the victim must be tricked into visiting a specially crafte...

4.3CVSS6.3AI score0.01521EPSS
Exploits0References9
Rows per page
Query Builder