CVE-2024-34481

medium

Description

drupal-wiki.com Drupal Wiki before 8.31.1 allows XSS via comments, captions, and image titles of a Wiki page.

References

Advisories
More

https://www.secuvera.de/advisories/secuvera-SA-2024-02.txt

https://seclists.org/fulldisclosure/2024/May/4

https://drupal-wiki.com/drupal-wiki-update-8-31/

Details

Source: Mitre, NVD

Published: 2024-07-05

Updated: 2024-07-09

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00168