CVE-2014-4505

Published Jun 20, 2014

Last updated 10 years ago

Overview

Description: Cross-site scripting (XSS) vulnerability in the Easy Breadcrumb module 7.x-2.x before 7.x-2.10 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.0:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB0645A5-A6D4-468B-9222-58BCBCC047E9"
          },
          {
            "criteria": "cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.1:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88D6CF46-F3DF-48FC-8E20-6B4869B3231E"
          },
          {
            "criteria": "cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.2:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AF5DAAF-3163-4E2B-95B4-39689534875A"
          },
          {
            "criteria": "cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.3:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6F328E8-6B2A-4D01-8BBD-38A71722BDE7"
          },
          {
            "criteria": "cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.4:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD75DD01-DCDA-4748-A126-720952E1E769"
          },
          {
            "criteria": "cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.5:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "192FBCAD-7B01-4B79-955F-9D3B9A00713E"
          },
          {
            "criteria": "cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.6:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "736DFB92-A272-45A0-B2AF-DD11469CDDC5"
          },
          {
            "criteria": "cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.7:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02FD9CF0-B172-4A52-A4D0-AF73E9F22555"
          },
          {
            "criteria": "cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.8:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B9280CF-94E1-4E18-A4E4-54B39209CC8E"
          },
          {
            "criteria": "cpe:2.3:a:roger_padilla_camacho:easy_breadcrumb:7.x-2.9:*:*:*:*:drupal:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D945E99-F105-480E-8A74-3FBA5149FCE5"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References