Skip to main content

Invoice

2 CVEs product

Monthly

CVE-2015-4382 MEDIUM PATCH This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the Invoice module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allow remote attackers to hijack the authentication of. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Invoice
NVD
CVSS 2.0
6.8
EPSS
0.2%
CVE-2015-4381 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Invoice module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "Administer own invoices". Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Invoice
NVD
CVSS 2.0
3.5
EPSS
0.2%
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the Invoice module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allow remote attackers to hijack the authentication of. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Invoice
NVD
EPSS 0% CVSS 3.5
LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Invoice module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "Administer own invoices". Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Invoice
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy