NVD

Id
30227  
Name
CVE-2014-1611  
Description
Cross-site scripting (XSS) vulnerability in the Anonymous Posting module 7.x-1.2 and 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via the contact name field.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2014-01-30  
Modified Date
2014-02-21  
Seq
2014-1611  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
160047 30227 CVE-2014-1611 http://packetstormsecurity.com/files/124803/Drupal-Anonymous-Posting-7.x-Cross-Site-Scripting.html  View
160048 30227 CVE-2014-1611 20140115 [Security-news] SA-CONTRIB-2014-002 - Anonymous Posting - Cross Site Scripting (XSS)  View
160049 30227 CVE-2014-1611 anonymousposting-contactname-xss(90526)  View
160050 30227 CVE-2014-1611 https://drupal.org/node/2173321  View
160051 30227 CVE-2014-1611 https://drupal.org/node/2173437  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
12418 JVNDB-2014-001293 Drupal 用 Anonymous Posting モジュールにおけるクロスサイトスクリプティングの脆弱性 Drupal 用 Anonymous Posting モジュールには、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2014-1611 68898 CVE-2014-1611 30227 4.3 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-001293.html 2014-01-14 2014-02-03 View