Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
InsiteNode Basket

3 matches found

CVE
CVEadded 2015/04/21 6:0 p.m.46 views

CVE-2015-3381

CVE-2015-3381 (Drupal Node basket module) describes a cross-site scripting (XSS) flaw in the Node basket module for Drupal. The vulnerability permits remote authenticated users to inject arbitrary web script or HTML via unspecified vectors due to insufficient input sanitization. Affected versions...

3.5CVSS5.4AI score0.00209EPSS
CVE
CVEadded 2015/04/21 6:0 p.m.45 views

CVE-2015-3382

Drupal Node basket module contains CSRF vulnerabilities that can allow an attacker to hijack user sessions to add or remove nodes from a basket. Affected across versions prior to the fixes noted in the Drupal advisory; vectors are not detailed in the provided documents. Mitigation referenced: upd...

5.8CVSS7.5AI score0.00126EPSS
CVE
CVEadded 2015/04/21 6:0 p.m.39 views

CVE-2015-3383

CVE-2015-3383 is a Drupal Node basket module open redirect vulnerability. The linked sources describe an open redirect issue (phishing risk) in the Node basket module and indicate that it affects all versions of the module. A remediation path is to uninstall or remove the Node basket module; othe...

5.8CVSS6.9AI score0.00253EPSS