CVE-2014-5022 in Drupalinformation

Résumé (Anglaise)

Cross-site scripting (XSS) vulnerability in the Ajax system in Drupal 7.x before 7.29 allows remote attackers to inject arbitrary web script or HTML via vectors involving forms with an Ajax-enabled textfield and a file field.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Réserver

22/07/2014

Divulgation

22/07/2014

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

IDVulnérabilitéCWEExpConCVE
67261Drupal Ajax cross site scripting79ÉlevéCorrectif officielCVE-2014-5022

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

PrécédentAperçuSuivant

Interested in the pricing of exploits?

See the underground prices here!