diff --git a/CVE-2018/CVE-2018-250xx/CVE-2018-25085.json b/CVE-2018/CVE-2018-250xx/CVE-2018-25085.json new file mode 100644 index 00000000000..48cbab31f82 --- /dev/null +++ b/CVE-2018/CVE-2018-250xx/CVE-2018-25085.json @@ -0,0 +1,96 @@ +{ + "id": "CVE-2018-25085", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-05-01T05:15:08.633", + "lastModified": "2023-05-01T05:15:08.633", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as problematic was found in Responsive Menus 7.x-1.x-dev on Drupal. Affected by this vulnerability is the function responsive_menus_admin_form_submit of the file responsive_menus.module of the component Configuration Setting Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 7.x-1.7 is able to address this issue. The name of the patch is 3c554b31d32a367188f44d44857b061eac949fb8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-227755." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 2.4, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 0.9, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 3.3 + }, + "baseSeverity": "LOW", + "exploitabilityScore": 6.4, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://git.drupalcode.org/project/responsive_menus/-/commit/3c554b31d32a367188f44d44857b061eac949fb8", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.227755", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.227755", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.drupal.org/project/responsive_menus/releases/7.x-1.7", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.drupal.org/sa-contrib-2018-079", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 2dd8b6baec5..9c83eacee4b 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-05-01T04:00:24.571525+00:00 +2023-05-01T06:00:24.588483+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-05-01T02:15:39.197000+00:00 +2023-05-01T05:15:08.633000+00:00 ``` ### Last Data Feed Release @@ -29,14 +29,14 @@ Download and Changelog: [Click](releases/latest) ### Total Number of included CVEs ```plain -213838 +213839 ``` ### CVEs added in the last Commit Recently added CVEs: `1` -* [CVE-2015-10105](CVE-2015/CVE-2015-101xx/CVE-2015-10105.json) (`2023-05-01T02:15:39.197`) +* [CVE-2018-25085](CVE-2018/CVE-2018-250xx/CVE-2018-25085.json) (`2023-05-01T05:15:08.633`) ### CVEs modified in the last Commit