mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
234 lines
8.4 KiB
JSON
234 lines
8.4 KiB
JSON
{
|
|
"id": "CVE-2015-5514",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2015-08-18T18:00:20.660",
|
|
"lastModified": "2024-11-21T02:33:11.053",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Cross-site scripting (XSS) vulnerability in the Migrate module 7.x-2.x before 7.x-2.8 for Drupal, when the migrate_ui submodule is enabled, allows user-assisted remote attackers to inject arbitrary web script or HTML via a destination field label."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad de XSS en el m\u00f3dulo Migrate 7.x-2.x en versiones anteriores a 7.x-2.8 para Drupal, cuando el subm\u00f3dulo migrate_ui submodule est\u00e1 habilitado, permite a atacantes remotos asistidos por usuario inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de una etiqueta de campo de destino."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
|
|
"baseScore": 2.6,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "HIGH",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE"
|
|
},
|
|
"baseSeverity": "LOW",
|
|
"exploitabilityScore": 4.9,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-79"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.0:*:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "BF6472F9-DF7B-44DA-B543-CCB75EEFC966"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.0:beta1:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "398B2124-8DF1-49B4-90CA-7A80E6A2408B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.0:beta2:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "CEF25334-CD41-4733-9BB5-056A49EAEC5C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.0:beta3:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "E5A00D15-5172-42C3-BEA4-C8DD76AE7878"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.0:rc1:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "F5842958-5A82-4AD5-A204-1EEEBC7BA3A8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.0:rc2:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "145A1A23-BE6B-4198-86F2-2A1EEF70BBB0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.0:rc3:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "35853AA2-ED77-4F68-BE1A-62E23BD9EEF9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.1:*:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "7B27197E-46F7-426D-8386-DA85BA41A8A9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.1:beta1:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "4C877E65-22B0-491D-A693-42B8265C5D7D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.2:*:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "773FF3D0-D5BB-415F-B018-3717EB65AB0E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.2:rc1:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "DD8C53DB-AEE3-48EF-B3A8-39C1D6501D85"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.2:rc2:*:*:drupal:*:*:*",
|
|
"matchCriteriaId": "6033CC46-645E-460C-8AA2-84BD38DAA52D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.3:*:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "C639EEDF-B188-463F-98BD-B15935F304F8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.3:rc1:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "D3AC1F3F-5C0A-4816-9A5A-A649C9ABC9A2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.4:*:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "09D5FFB7-9F5B-4210-8D67-F9CF7E8C5544"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.4:beta1:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "E959814B-4AD4-4D14-B122-4EE66E094087"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.5:*:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "26083140-27F0-4E5E-A204-962C43CB6390"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.5:rc1:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "F6975265-84B1-4376-9F6D-84474E90FBF9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.5:rc2:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "7AA46F70-7604-4EFD-A700-EFF38B270B90"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.6:*:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "18EEA91A-DFEF-45F4-9A58-F2E1808C946E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.6:beta1:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "871343D9-0D33-43AA-BAB6-CB03FFA80E57"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.6:rc1:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "348AC4D2-8AB2-408F-AA0F-9E2737D69FA7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.6:rc2:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "E9DCFA94-4C10-4394-8826-F1D2979003DC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.7:*:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "C87BDE81-D07C-436C-B5D9-BFE0D62C045B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:migrate_project:migrate:7.x-2.7:rc1:*:*:*:drupal:*:*",
|
|
"matchCriteriaId": "29EF3300-418A-4495-869B-A3EBA443C50F"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://www.openwall.com/lists/oss-security/2015/07/04/4",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://www.drupal.org/node/2516560",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.drupal.org/node/2516678",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.openwall.com/lists/oss-security/2015/07/04/4",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://www.drupal.org/node/2516560",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.drupal.org/node/2516678",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |