4.3
CVE-2007-2159
- EPSS 1.03%
- Veröffentlicht 22.04.2007 19:19:00
- Zuletzt bearbeitet 16.06.2026 22:39:03
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple cross-site scripting (XSS) vulnerabilities in the Database Administration (dba) module 4.6.x-*, and before 4.7.x-1.2 in the 4.7.x-1.* series, for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors relating to (1) direct display of data from the database and (2) other portions of the user interface.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Drupal ≫ Database Administration Module Version4.6
Drupal ≫ Database Administration Module Version4.7
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.03% | 0.593 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://drupal.org/node/135549
http://osvdb.org/34961
http://secunia.com/advisories/24848
http://www.vupen.com/english/advisories/2007/1360