CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-5489

Cross-site scripting (XSS) vulnerability in the Smart Trim module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors involving the field settings form.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.3%

CVSS Severity

CVSS v2 Score 3.5

References

Products affected by CVE-2015-5489

Smart Trim Project » Smart Trim » Version: 7.x-1.0

cpe:2.3:a:smart_trim_project:smart_trim:7.x-1.0
Smart Trim Project » Smart Trim » Version: 7.x-1.1

cpe:2.3:a:smart_trim_project:smart_trim:7.x-1.1
Smart Trim Project » Smart Trim » Version: 7.x-1.2

cpe:2.3:a:smart_trim_project:smart_trim:7.x-1.2
Smart Trim Project » Smart Trim » Version: 7.x-1.3

cpe:2.3:a:smart_trim_project:smart_trim:7.x-1.3
Smart Trim Project » Smart Trim » Version: 7.x-1.4

cpe:2.3:a:smart_trim_project:smart_trim:7.x-1.4
Smart Trim Project » Smart Trim » Version: 7.x-1.x

cpe:2.3:a:smart_trim_project:smart_trim:7.x-1.x

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-5489

Products

Pricing

Contact Us