Skip to main content

Linkit

2 CVEs product

Monthly

CVE-2015-3361 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Linkit module before 7.x-2.7 and 7.x-3.x before 7.x-3.3 for Drupal, when the node search plugin is enabled, allows remote authenticated users to inject. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Linkit
NVD
CVSS 2.0
2.1
EPSS
0.2%
CVE-2012-2304 MEDIUM PATCH This Month

The Linkit module 7.x-2.x before 7.x-2.3 for Drupal, when using an entity access module, does not check permissions when searching for entities, which allows remote attackers to obtain sensitive. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Privilege Escalation Linkit
NVD
CVSS 2.0
4.3
EPSS
0.6%
EPSS 0% CVSS 2.1
LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Linkit module before 7.x-2.7 and 7.x-3.x before 7.x-3.3 for Drupal, when the node search plugin is enabled, allows remote authenticated users to inject. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Linkit
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

The Linkit module 7.x-2.x before 7.x-2.3 for Drupal, when using an entity access module, does not check permissions when searching for entities, which allows remote attackers to obtain sensitive. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Privilege Escalation Linkit
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy