Skip to main content

Views

4 CVEs product

Monthly

CVE-2015-5490 MEDIUM POC PATCH This Month

The _views_fetch_data method in includes/cache.inc in the Views module 7.x-3.5 through 7.x-3.10 for Drupal does not rebuild the full cache if the static cache is not empty, which allows remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Views
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2015-3379 MEDIUM PATCH This Month

The Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to the default views configurations, which allows remote. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Views
NVD
CVSS 2.0
4.0
EPSS
0.3%
CVE-2015-3378 MEDIUM PATCH This Month

Open redirect vulnerability in the Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal, when the Views UI submodule is enabled, allows remote authenticated. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable.

Open Redirect Views
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1887 LOW PATCH Monitor

Multiple cross-site scripting (XSS) vulnerabilities in the Views module 7.x-3.x before 7.x-3.6 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Views
NVD
CVSS 2.0
2.1
EPSS
0.3%
EPSS 0% CVSS 5.0
MEDIUM POC PATCH This Month

The _views_fetch_data method in includes/cache.inc in the Views module 7.x-3.5 through 7.x-3.10 for Drupal does not rebuild the full cache if the static cache is not empty, which allows remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Views
NVD
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

The Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to the default views configurations, which allows remote. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Views
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Open redirect vulnerability in the Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal, when the Views UI submodule is enabled, allows remote authenticated. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable.

Open Redirect Views
NVD
EPSS 0% CVSS 2.1
LOW PATCH Monitor

Multiple cross-site scripting (XSS) vulnerabilities in the Views module 7.x-3.x before 7.x-3.6 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Views
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy