Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2015-3344
HistoryApr 21, 2015 - 4:59 p.m.

CVE-2015-3344

2015-04-2116:59:04
CWE-79
mitre
web.nvd.nist.gov
22
cve
2015
3344
cross-site scripting
xss
vulnerability
course module
drupal
remote authenticated users
web script
html
node title

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

44.6%

JSON

Cross-site scripting (XSS) vulnerability in the Course module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.

Affected configurations

Nvd
Node
dlc_solutionscourseMatch6.x-1.0-alpha1drupal
OR
dlc_solutionscourseMatch6.x-1.0-rc1drupal
OR
dlc_solutionscourseMatch6.x-1.0-rc2drupal
OR
dlc_solutionscourseMatch6.x-1.0-rc3drupal
OR
dlc_solutionscourseMatch6.x-1.0-rc4drupal
OR
dlc_solutionscourseMatch6.x-1.0-rc5drupal
OR
dlc_solutionscourseMatch6.x-1.0-rc6drupal
OR
dlc_solutionscourseMatch6.x-1.0-rc7drupal
OR
dlc_solutionscourseMatch6.x-1.0-rc8drupal
OR
dlc_solutionscourseMatch6.x-1.0-rc9drupal
OR
dlc_solutionscourseMatch6.x-1.0-rc10drupal
OR
dlc_solutionscourseMatch6.x-1.1drupal
OR
dlc_solutionscourseMatch6.x-1.x-devdrupal
OR
dlc_solutionscourseMatch7.x-1.0drupal
OR
dlc_solutionscourseMatch7.x-1.0-alpha1drupal
OR
dlc_solutionscourseMatch7.x-1.0-alpha2drupal
OR
dlc_solutionscourseMatch7.x-1.0-alpha3drupal
OR
dlc_solutionscourseMatch7.x-1.0-beta1drupal
OR
dlc_solutionscourseMatch7.x-1.0-beta2drupal
OR
dlc_solutionscourseMatch7.x-1.0-beta3drupal
OR
dlc_solutionscourseMatch7.x-1.0-rc1drupal
OR
dlc_solutionscourseMatch7.x-1.0-rc2drupal
OR
dlc_solutionscourseMatch7.x-1.0-rc3drupal
OR
dlc_solutionscourseMatch7.x-1.0-rc4drupal
OR
dlc_solutionscourseMatch7.x-1.1drupal
OR
dlc_solutionscourseMatch7.x-1.2drupal
OR
dlc_solutionscourseMatch7.x-1.3drupal
OR
dlc_solutionscourseMatch7.x-1.x-devdrupal
VendorProductVersionCPE
dlc_solutionscourse6.x-1.0-alpha1cpe:2.3:a:dlc_solutions:course:6.x-1.0-alpha1:*:*:*:*:drupal:*:*
dlc_solutionscourse6.x-1.0-rc1cpe:2.3:a:dlc_solutions:course:6.x-1.0-rc1:*:*:*:*:drupal:*:*
dlc_solutionscourse6.x-1.0-rc2cpe:2.3:a:dlc_solutions:course:6.x-1.0-rc2:*:*:*:*:drupal:*:*
dlc_solutionscourse6.x-1.0-rc3cpe:2.3:a:dlc_solutions:course:6.x-1.0-rc3:*:*:*:*:drupal:*:*
dlc_solutionscourse6.x-1.0-rc4cpe:2.3:a:dlc_solutions:course:6.x-1.0-rc4:*:*:*:*:drupal:*:*
dlc_solutionscourse6.x-1.0-rc5cpe:2.3:a:dlc_solutions:course:6.x-1.0-rc5:*:*:*:*:drupal:*:*
dlc_solutionscourse6.x-1.0-rc6cpe:2.3:a:dlc_solutions:course:6.x-1.0-rc6:*:*:*:*:drupal:*:*
dlc_solutionscourse6.x-1.0-rc7cpe:2.3:a:dlc_solutions:course:6.x-1.0-rc7:*:*:*:*:drupal:*:*
dlc_solutionscourse6.x-1.0-rc8cpe:2.3:a:dlc_solutions:course:6.x-1.0-rc8:*:*:*:*:drupal:*:*
dlc_solutionscourse6.x-1.0-rc9cpe:2.3:a:dlc_solutions:course:6.x-1.0-rc9:*:*:*:*:drupal:*:*
Rows per page:
1-10 of 281

Related

cvelist 1
prion 1
drupal 1
nvd 1
cvelist
cvelist
CVE-2015-3344
2015-04-21 16:00:00
prion
prion
Cross site scripting
2015-04-21 16:59:00
drupal
drupal
SA-CONTRIB-2015-002 - Course - Cross Site Scripting (XSS)
2015-01-07 00:00:00
nvd
nvd
CVE-2015-3344
2015-04-21 16:59:04

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

44.6%

JSON
Related for CVE-2015-3344
cvelist1prion1drupal1nvd1