2.6
CVE-2006-4355
- EPSS 1.12%
- Veröffentlicht 27.08.2006 02:04:00
- Zuletzt bearbeitet 16.06.2026 22:28:56
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site scripting (XSS) vulnerability in Drupal Easylinks Module (easylinks.module) 4.7 before 1.5.2.1 2006/08/19 12:02:27 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Drupal ≫ Drupal Easylinks Module Version4.7
Drupal ≫ Drupal Easylinks Module Version4.7.0
Drupal ≫ Drupal Easylinks Module Version4.7.1
Drupal ≫ Drupal Easylinks Module Version4.7.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.12% | 0.62 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.6 | 4.9 | 2.9 |
AV:N/AC:H/Au:N/C:N/I:P/A:N
|
http://drupal.org/node/80087
http://secunia.com/advisories/21603
http://www.securityfocus.com/bid/19670
http://www.vupen.com/english/advisories/2006/3365
https://exchange.xforce.ibmcloud.com/vulnerabilities/28525