Skip to main content
CVE-2014-7231 LOW POC PATCH Monitor

The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands,. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Cinder Nova Trove Openstack
NVD
CVSS 2.0
2.1
EPSS
0.2%
CVE-2014-7980 LOW PATCH Monitor

Multiple cross-site scripting (XSS) vulnerabilities in template.php in Zen theme 7.x-3.x before 7.x-3.3 and 7.x-5.x before 7.x-5.5 for Drupal allow remote authenticated users with the "administer. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS PHP Zen
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-7979 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the SimpleCorp theme 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Simplecorp
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-7978 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the BlueMasters theme 7.x-2.x before 7.x-2.1 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Bluemasters
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-7230 LOW Monitor

The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cinder Nova Trove Openstack +1
NVD
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy