Lucene search

K

PRIOn knowledge basePRION:CVE-2015-6658

HistoryAug 24, 2015 - 2:59 p.m.

Cross site scripting

2015-08-2414:59:00

PRIOn knowledge base

www.prio-n.com

2

5.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.7%

Cross-site scripting (XSS) vulnerability in the Autocomplete system in Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to uploading files.

CPENameOperatorVersion
drupaleq7.0 alpha5
drupaleq7.0 dev
drupaleq7.0 alpha7
drupaleq6.0 beta2
drupaleq6.33
drupaleq7.16
drupaleq6.0 rc2
drupaleq7.21
drupaleq6.2
drupaleq7.0 rc2

Rows per page:

1-10 of 991

References

www.debian.org/security/2015/dsa-3346

www.securityfocus.com/bid/76434

www.securitytracker.com/id/1033358

lists.fedoraproject.org/pipermail/package-announce/2015-August/165061.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/165690.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/165704.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/165723.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/165733.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/165840.html

www.drupal.org/SA-CORE-2015-003

5.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.7%

Related for PRION:CVE-2015-6658

ubuntucve1 cvelist1 debiancve1 nvd1 cve1 openvas9 nessus11 fedora7 debian1 drupal1 securityvulns2 osv1 mageia1