CVE-2015-4365

Cross-site scripting (XSS) vulnerability in the Taxonomy Accordion module for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to taxonomy terms.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.5 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
VendorProductVersion
taxonomy_accordion_projecttaxonomy_accordion
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2015/04/25/6
http://www.securityfocus.com/bid/72952
https://www.drupal.org/node/2445973
http://www.openwall.com/lists/oss-security/2015/04/25/6
http://www.securityfocus.com/bid/72952
https://www.drupal.org/node/2445973