Lucene search

[email protected]NVD:CVE-2015-7232

HistorySep 17, 2015 - 4:59 p.m.

CVE-2015-7232

2015-09-1716:59:11

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.001

Percentile

46.0%

JSON

Cross-site scripting (XSS) vulnerability in unspecified administration pages in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology module is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

structured_dynamicsopen_semantic_frameworkMatch7.x-3.0drupal

structured_dynamicsopen_semantic_frameworkMatch7.x-3.xdevdrupal

References

www.drupal.org/node/2537120

www.drupal.org/node/2537860

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.001

Percentile

46.0%

JSON

Related for NVD:CVE-2015-7232

prion1 cvelist1 cve1 drupal1