CVE-2015-4381 in Invoice Module情報

要約

〜によって MITRE

Cross-site scripting (XSS) vulnerability in the Invoice module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "Administer own invoices" permission to inject arbitrary web script or HTML via unspecified vectors involving nodes of the "Invoice" content type.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

予約する

2015年06月05日

モデレーション

承諾済み

エントリ

VDB-75930

EPSS

0.00966

アクティビティ

非常低い

ソース

Want to know what is going to be exploited?

We predict KEV entries!