CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Insite: >> Node Basket Security Vulnerabilities

CVE-2015-3383

Open redirect vulnerability in the Node basket module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

CVSS Score

5.8

EPSS Score

0.003

Published

2015-04-21

CVE-2015-3382

Multiple cross-site request forgery (CSRF) vulnerabilities in the Node basket module for Drupal allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add or (2) remove nodes from a basket via unspecified vectors.

CVSS Score

5.8

EPSS Score

0.001

Published

2015-04-21

CVE-2015-3381

Cross-site scripting (XSS) vulnerability in the Node basket module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

3.5

EPSS Score

0.002

Published

2015-04-21

Page 1

Vulnerabilities

Vulnerable Software

Insite: >> Node Basket Security Vulnerabilities

Products

Pricing

Contact Us