Skip to main content
CVE-2015-5491 LOW PATCH Monitor

The Dynamic display block module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users to bypass intended access restrictions and read sensitive titles by leveraging the "administer. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Dynamic Display Block
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-5494 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Webform Matrix Component module 7.x-4.x before 7.x-4.13 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Webform Matrix Component
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-5489 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Smart Trim module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Smart Trim
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-5497 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Web Links module 6.x-2.x before 6.x-2.6 and 7.x-1.x before 7.x-1.0 for Drupal allows remote authenticated users with certain permissions to inject. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Web Links
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-5500 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Navigate module for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Navigate
NVD
CVSS 2.0
3.5
EPSS
0.1%
CVE-2015-5514 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Migrate module 7.x-2.x before 7.x-2.8 for Drupal, when the migrate_ui submodule is enabled, allows user-assisted remote attackers to inject arbitrary. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable.

XSS Migrate
NVD
CVSS 2.0
2.6
EPSS
0.4%
CVE-2015-5495 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Mobile sliding menu module 7.x-2.x before 7.x-2.1 for Drupal allows remote authenticated users with the "administer menu" permission to inject. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Mobile Sliding Menu
NVD
CVSS 2.0
2.1
EPSS
0.2%
CVE-2015-5488 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the MailChimp Signup submodule in the MailChimp module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "administer mailchimp". Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Mailchimp
NVD
CVSS 2.0
2.1
EPSS
0.2%
CVE-2015-5513 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Shibboleth authentication module 6.x-4.x before 6.x-4.2 and 7.x-4.x before 7.x-4.2 for Drupal allows remote authenticated users with the "Administer. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Shibboleth Authentication
NVD
CVSS 2.0
2.1
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy