CVE-2015-3387 in Taxonomy Tools Moduleinfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy Tools module before 7.x-1.4 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via a (1) node or (2) taxonomy term title.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

04/21/2015

Disclosure

04/21/2015

Moderation

VulDB entry created

Entries

VDB-75083 (1)

CPE

ready

CWE

CWE-79 (Confirmed)

CVSS

3.5

EPSS

0.00201

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-3387
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-3387
CVE Details	https://www.cvedetails.com/cve/CVE-2015-3387/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!