CVE-2014-8747
Published Oct 13, 2014
Last updated 7 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in the Drupal Commons module 7.x-3.x before 7.x-3.9 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors related to content creation and activity stream messages.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:commons:7.x-3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BBDAD421-A8BB-4BDD-84FA-CA98DD18973B"
},
{
"criteria": "cpe:2.3:a:drupal:commons:7.x-3.3:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B5CD112B-4199-4D9D-ACDD-D5093C51D4E2"
},
{
"criteria": "cpe:2.3:a:drupal:commons:7.x-3.3:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D300A85C-1E69-4F7B-8B33-D6BD825C9F40"
},
{
"criteria": "cpe:2.3:a:drupal:commons:7.x-3.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0CBA0623-D4B0-49F0-8194-D9058C34E063"
},
{
"criteria": "cpe:2.3:a:drupal:commons:7.x-3.4:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ECC83E3C-0338-468A-8F51-54A50CCC5895"
},
{
"criteria": "cpe:2.3:a:drupal:commons:7.x-3.4:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D93A9CB2-35DA-40C2-9A32-19CCFD885AD0"
},
{
"criteria": "cpe:2.3:a:drupal:commons:7.x-3.4:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B80E638C-42FB-40C6-A788-945664703936"
},
{
"criteria": "cpe:2.3:a:drupal:commons:7.x-3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37B69C84-7B64-405B-94C1-86BAADD9F067"
},
{
"criteria": "cpe:2.3:a:drupal:commons:7.x-3.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "334E0AC2-2D73-4435-BA15-7166C6895126"
},
{
"criteria": "cpe:2.3:a:drupal:commons:7.x-3.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20867997-61A3-4F2E-A8D2-75FE8494FD47"
},
{
"criteria": "cpe:2.3:a:drupal:commons:7.x-3.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8739524-681B-411A-94B5-4B90915B88EB"
}
],
"operator": "OR"
}
]
}
]