CVE-2007-2159

Опубликовано: 22 апр. 2007

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in the Database Administration (dba) module 4.6.x-, and before 4.7.x-1.2 in the 4.7.x-1. series, for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors relating to (1) direct display of data from the database and (2) other portions of the user interface.

Ссылки

http://drupal.org/node/135549
Patch
Vendor Advisory
http://osvdb.org/34961
http://secunia.com/advisories/24848
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2007/1360
http://drupal.org/node/135549
Patch
Vendor Advisory
http://osvdb.org/34961
http://secunia.com/advisories/24848
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2007/1360

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:drupal:database_administration_module:4.6:*:*:*:*:*:*:*

cpe:2.3:a:drupal:database_administration_module:4.7:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00362

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-833x-32f7-qpr7

github

почти 4 года назад

Multiple cross-site scripting (XSS) vulnerabilities in the Database Administration (dba) module 4.6.x-*, and before 4.7.x-1.2 in the 4.7.x-1.* series, for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors relating to (1) direct display of data from the database and (2) other portions of the user interface.