CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-5515

The Views Bulk Operations (VBO) module 6.x-1.x and 7.x-3.x before 7.x-3.3 for Drupal, when the bulk operation for changing Roles is enabled, allows remote authenticated users to edit user accounts and add arbitrary roles to the accounts by leveraging access to a user account listing view with VBO enabled.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.2%

CVSS Severity

CVSS v2 Score 4.9

References

Products affected by CVE-2015-5515

Views Bulk Operations Project » Views Bulk Operations » Version: 6.x-1.17

cpe:2.3:a:views_bulk_operations_project:views_bulk_operations:6.x-1.17
Views Bulk Operations Project » Views Bulk Operations » Version: 6.x-1.x

cpe:2.3:a:views_bulk_operations_project:views_bulk_operations:6.x-1.x
Views Bulk Operations Project » Views Bulk Operations » Version: 7.x-3.0

cpe:2.3:a:views_bulk_operations_project:views_bulk_operations:7.x-3.0
Views Bulk Operations Project » Views Bulk Operations » Version: 7.x-3.1

cpe:2.3:a:views_bulk_operations_project:views_bulk_operations:7.x-3.1
Views Bulk Operations Project » Views Bulk Operations » Version: 7.x-3.2

cpe:2.3:a:views_bulk_operations_project:views_bulk_operations:7.x-3.2
Views Bulk Operations Project » Views Bulk Operations » Version: 7.x-3.x

cpe:2.3:a:views_bulk_operations_project:views_bulk_operations:7.x-3.x

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-5515

Products

Pricing

Contact Us