Skip to main content

Commerce Balanced Payments

2 CVEs product

Monthly

CVE-2015-3388 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the Commerce Balanced Payments module for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

CSRF Commerce Balanced Payments
NVD
CVSS 2.0
5.8
EPSS
0.1%
CVE-2015-3384 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Bank Account Listing Page in the Commerce Balanced Payments module for Drupal allows remote authenticated users to inject arbitrary web script or HTML. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Commerce Balanced Payments
NVD
CVSS 2.0
3.5
EPSS
0.2%
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the Commerce Balanced Payments module for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

CSRF Commerce Balanced Payments
NVD
EPSS 0% CVSS 3.5
LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Bank Account Listing Page in the Commerce Balanced Payments module for Drupal allows remote authenticated users to inject arbitrary web script or HTML. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Commerce Balanced Payments
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy