Skip to main content

Search Api

4 CVEs product

Monthly

CVE-2013-2715 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the admin view in the Search API (search_api) module 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with certain permissions to inject. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Search Api
NVD
CVSS 2.0
2.1
EPSS
0.3%
CVE-2013-0181 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in Views in the Search API (search_api) module 7.x-1.x before 7.x-1.4 for Drupal, when using certain backends and facets, allows remote attackers to inject. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable.

XSS Search Api
NVD
CVSS 2.0
2.6
EPSS
0.5%
CVE-2012-5547 MEDIUM PATCH This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the Search API module 7.x-1.x before 7.x-1.3 for Drupal allow remote attackers to hijack the authentication of administrators for. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Search Api
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2012-2712 LOW POC PATCH Monitor

Multiple cross-site scripting (XSS) vulnerabilities in the Search API module 7.x-1.x before 7.x-1.1 for Drupal, when supporting manual entry of field identifiers, allow remote attackers to inject. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available.

XSS Search Api
NVD
CVSS 2.0
2.6
EPSS
0.5%
EPSS 0% CVSS 2.1
LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the admin view in the Search API (search_api) module 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with certain permissions to inject. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Search Api
NVD
EPSS 1% CVSS 2.6
LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in Views in the Search API (search_api) module 7.x-1.x before 7.x-1.4 for Drupal, when using certain backends and facets, allows remote attackers to inject. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable.

XSS Search Api
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the Search API module 7.x-1.x before 7.x-1.3 for Drupal allow remote attackers to hijack the authentication of administrators for. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Search Api
NVD
EPSS 1% CVSS 2.6
LOW POC PATCH Monitor

Multiple cross-site scripting (XSS) vulnerabilities in the Search API module 7.x-1.x before 7.x-1.1 for Drupal, when supporting manual entry of field identifiers, allow remote attackers to inject. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available.

XSS Search Api
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy