CVE-2014-5456 in Social Statsinfo

Summary

Cross-site scripting (XSS) vulnerability in the Social Stats module before 7.x-1.5 for Drupal allows remote authenticated users with the "[Content Type]: Create new content" permission to inject arbitrary web script or HTML via vectors related to the configuration.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

08/25/2014

Disclosure

08/25/2014

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
70732Social Stats cross site scripting79Not definedOfficial fixCVE-2014-5456

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!