CVE-2014-8745
Published Oct 13, 2014
Last updated 7 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in the Custom Search module 6.x-1.x before 6.x-1.13 and 7.x-1.x before 7.x-1.15 for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via a taxonomy vocabulary label.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Social media
- Hype score
- Not currently trending
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:drupal:custom_search_module:6.x-1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF092DFE-D858-4D53-96B8-09C8EAE62395" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:6.x-1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F650CC3-B2FA-4DDF-93D1-728C592498B0" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:6.x-1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "434918EF-24A0-4AFB-9AC5-8C5B81DEE24D" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:6.x-1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D46BE99-16F8-4335-95C6-984359366D54" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:6.x-1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "652F0546-00A5-4C74-BE8B-13F0C5205B90" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:6.x-1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9E6EF58-24CD-4065-85F9-C09A4BD5923D" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:6.x-1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB1433ED-F731-48C6-9A78-3A459F3EC7F9" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:6.x-1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5ED92031-F86D-49EA-BC94-479074F15714" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:6.x-1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "359F0376-C40B-4C7A-8372-81F43394A23D" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:6.x-1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A824973-A8CB-4F95-A529-B442A0390994" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:6.x-1.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7B7FF75-056C-47A9-B69E-3CC39307A423" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:6.x-1.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B643BF49-7662-4A8D-9CB1-EAA3758E54CC" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:6.x-1.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62F71558-282E-4451-9723-E2EC04B293E7" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:7.x-1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4BCAF1F-04B4-4656-B289-231F9AEEF688" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:7.x-1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09D993DC-B476-436D-B9D5-E3317A25B22A" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:7.x-1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93F2D264-2567-4412-9419-F2D2128D3923" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:7.x-1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40090A7F-113B-4C39-B325-BAA772D527AF" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:7.x-1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81D2E71A-5F17-4554-B08C-EFED07857D75" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:7.x-1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "835B1970-66D4-45E7-BED1-3524B612A905" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:7.x-1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BEE3CFD0-40B0-4C97-B433-EC9F67413CCA" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:7.x-1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F89A456-A597-44F9-A86D-CDB52885A085" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:7.x-1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CB07EA7-58FC-48BB-8AA7-CE71AF22F389" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:7.x-1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D3CAB8E-DA65-4DE1-9AF8-9B2FAD2684BA" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:7.x-1.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5BE09E8-8FA7-4367-884D-EA2DB21F87EA" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:7.x-1.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50439FA6-56DB-4EF9-A596-0FAB0F997FF6" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:7.x-1.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "459018E6-5971-4DEA-B2A4-915ADCE55847" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:7.x-1.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2B98F67-89C0-44D7-AD1C-99393EAF585B" }, { "criteria": "cpe:2.3:a:drupal:custom_search_module:7.x-1.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C339873C-99B5-4CDF-BE3D-E46A01D86D75" } ], "operator": "OR" } ] } ]