CVE-2016-1913
Published Jan 15, 2016
Last updated 9 years ago
Overview
- Description
- Multiple cross-site scripting (XSS) vulnerabilities in the Redhen module 7.x-1.x before 7.x-1.11 for Drupal allow remote authenticated users with certain access to inject arbitrary web script or HTML via unspecified vectors, related to (1) individual contacts, (2) notes, or (3) engagement scores.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 5.4
- Impact score
- 2.7
- Exploitability score
- 2.3
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhen_project:redhen:7.x-1.0:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "8EBCE80D-0E67-4959-B6CF-71079E775F57"
},
{
"criteria": "cpe:2.3:a:redhen_project:redhen:7.x-1.0:alpha1:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "79D6DD3E-D0DB-4192-ACFA-A8F76166C723"
},
{
"criteria": "cpe:2.3:a:redhen_project:redhen:7.x-1.0:alpha2:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "033179D3-6F8B-4AE6-BC69-0F39A66A9A9A"
},
{
"criteria": "cpe:2.3:a:redhen_project:redhen:7.x-1.0:alpha3:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "36B135E3-AFE1-48AC-9286-9C4F00A8A425"
},
{
"criteria": "cpe:2.3:a:redhen_project:redhen:7.x-1.0:beta1:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "9BEAD79C-DEF5-4BF5-B850-B8649AF30E35"
},
{
"criteria": "cpe:2.3:a:redhen_project:redhen:7.x-1.0:beta2:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "5492E250-EC4A-497D-878C-5F18ED88F220"
},
{
"criteria": "cpe:2.3:a:redhen_project:redhen:7.x-1.0:beta3:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "50BB7F3E-A3CD-4B39-879D-4ADCCE271064"
},
{
"criteria": "cpe:2.3:a:redhen_project:redhen:7.x-1.1:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "938C1B98-D83F-4E21-9A81-585F4F0238E4"
},
{
"criteria": "cpe:2.3:a:redhen_project:redhen:7.x-1.2:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "5F103A34-E369-4455-B0F8-F5F912355EB7"
},
{
"criteria": "cpe:2.3:a:redhen_project:redhen:7.x-1.3:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "C9E8F970-D864-427F-8B72-1B9D31FEBFC8"
},
{
"criteria": "cpe:2.3:a:redhen_project:redhen:7.x-1.4:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "26E5A985-CC84-41A7-A02A-76624146A4BB"
},
{
"criteria": "cpe:2.3:a:redhen_project:redhen:7.x-1.5:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "1429858E-CABA-4D32-B62C-A6E53593D59B"
},
{
"criteria": "cpe:2.3:a:redhen_project:redhen:7.x-1.6:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "4633A838-D3DC-4A20-BE4D-7CB816A07D6D"
},
{
"criteria": "cpe:2.3:a:redhen_project:redhen:7.x-1.7:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "CC3BF031-B3DB-4632-AA43-704EA7B3D740"
},
{
"criteria": "cpe:2.3:a:redhen_project:redhen:7.x-1.8:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "E26C0DF9-2F04-423A-9D98-BED9060870EA"
},
{
"criteria": "cpe:2.3:a:redhen_project:redhen:7.x-1.10:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "BCAF37B1-699A-46DB-A7FD-4A4D02458023"
},
{
"criteria": "cpe:2.3:a:redhen_project:redhen:7.x-1.x:dev:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "10A9BD6F-D774-4FA6-823F-188734960DF2"
}
],
"operator": "OR"
}
]
}
]