Skip to main content

Http Strict Transport Security

1 CVEs product

Monthly

CVE-2015-5505 MEDIUM PATCH This Month

The HTTP Strict Transport Security (HSTS) module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.2 for Drupal does not properly implement the "include subdomains" directive, which causes the HSTS. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Information Disclosure Http Strict Transport Security
NVD
CVSS 2.0
6.8
EPSS
0.6%
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

The HTTP Strict Transport Security (HSTS) module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.2 for Drupal does not properly implement the "include subdomains" directive, which causes the HSTS. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Information Disclosure Http Strict Transport Security
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy