2.6
CVE-2015-5514
- EPSS 0.36%
- Veröffentlicht 18.08.2015 18:00:20
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCross-site scripting (XSS) vulnerability in the Migrate module 7.x-2.x before 7.x-2.8 for Drupal, when the migrate_ui submodule is enabled, allows user-assisted remote attackers to inject arbitrary web script or HTML via a destination field label.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Migrate Project ≫ Migrate Version7.x-2.0 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.0 Updatebeta1 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.0 Updatebeta2 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.0 Updatebeta3 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.0 Updaterc1 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.0 Updaterc2 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.0 Updaterc3 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.1 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.1 Updatebeta1 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.2 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.2 Updaterc1 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.2 Updaterc2 SwEditiondrupal
Migrate Project ≫ Migrate Version7.x-2.3 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.3 Updaterc1 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.4 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.4 Updatebeta1 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.5 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.5 Updaterc1 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.5 Updaterc2 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.6 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.6 Updatebeta1 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.6 Updaterc1 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.6 Updaterc2 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.7 SwPlatformdrupal
Migrate Project ≫ Migrate Version7.x-2.7 Updaterc1 SwPlatformdrupal
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.36% | 0.551 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.6 | 4.9 | 2.9 |
AV:N/AC:H/Au:N/C:N/I:P/A:N
|
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.