What is the severity of CVE-2013-2715?

CVE-2013-2715 is classified as a medium severity vulnerability due to its potential for cross-site scripting attacks.

How do I fix CVE-2013-2715?

To fix CVE-2013-2715, upgrade the Search API module to version 7.x-1.4 or later.

Who is affected by CVE-2013-2715?

CVE-2013-2715 affects remote authenticated users with specific permissions in the Search API module versions before 7.x-1.4.

What is the nature of the vulnerability in CVE-2013-2715?

CVE-2013-2715 is a cross-site scripting (XSS) vulnerability that allows attackers to inject arbitrary web scripts or HTML.

Where can I find more information about CVE-2013-2715?

More information about CVE-2013-2715 can typically be found in the official Drupal security announcements or vulnerability databases.

Vulnerability/
CVE-2013-2715

low

2.1

CWE

27/3/2013

6/8/2024

CVE-2013-2715: XSS

First published: Wed Mar 27 2013(Updated: )

Cross-site scripting (XSS) vulnerability in the admin view in the Search API (search_api) module 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a crafted field name.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Thomas Seidl Search Api	=7.x-1.0
Thomas Seidl Search Api	=7.x-1.0-beta1
Thomas Seidl Search Api	=7.x-1.0-beta10
Thomas Seidl Search Api	=7.x-1.0-beta2
Thomas Seidl Search Api	=7.x-1.0-beta3
Thomas Seidl Search Api	=7.x-1.0-beta4
Thomas Seidl Search Api	=7.x-1.0-beta5
Thomas Seidl Search Api	=7.x-1.0-beta6
Thomas Seidl Search Api	=7.x-1.0-beta7
Thomas Seidl Search Api	=7.x-1.0-beta8
Thomas Seidl Search Api	=7.x-1.0-beta9
Thomas Seidl Search Api	=7.x-1.0-rc1
Thomas Seidl Search Api	=7.x-1.1
Thomas Seidl Search Api	=7.x-1.2
Thomas Seidl Search Api	=7.x-1.3
Thomas Seidl Search Api	=7.x-1.x-dev
Drupal Drupal

Remedy

https://drupal.org/node/1884076

Remedy

https://drupal.org/node/1884332

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-2715?
CVE-2013-2715 is classified as a medium severity vulnerability due to its potential for cross-site scripting attacks.
How do I fix CVE-2013-2715?
To fix CVE-2013-2715, upgrade the Search API module to version 7.x-1.4 or later.
Who is affected by CVE-2013-2715?
CVE-2013-2715 affects remote authenticated users with specific permissions in the Search API module versions before 7.x-1.4.
What is the nature of the vulnerability in CVE-2013-2715?
CVE-2013-2715 is a cross-site scripting (XSS) vulnerability that allows attackers to inject arbitrary web scripts or HTML.
Where can I find more information about CVE-2013-2715?
More information about CVE-2013-2715 can typically be found in the official Drupal security announcements or vulnerability databases.

collector/nvd-index
agent/softwarecombine
agent/remedy
agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/author
agent/weakness
agent/references
agent/last-modified-date
agent/tags
agent/description
agent/event
agent/first-publish-date
agent/source
vendor/thomas seidl
canonical/thomas seidl search api
version/thomas seidl search api/7.x-1.0
version/thomas seidl search api/7.x-1.0-beta1
version/thomas seidl search api/7.x-1.0-beta10
version/thomas seidl search api/7.x-1.0-beta2
version/thomas seidl search api/7.x-1.0-beta3
version/thomas seidl search api/7.x-1.0-beta4
version/thomas seidl search api/7.x-1.0-beta5
version/thomas seidl search api/7.x-1.0-beta6
version/thomas seidl search api/7.x-1.0-beta7
version/thomas seidl search api/7.x-1.0-beta8
version/thomas seidl search api/7.x-1.0-beta9
version/thomas seidl search api/7.x-1.0-rc1
version/thomas seidl search api/7.x-1.1
version/thomas seidl search api/7.x-1.2
version/thomas seidl search api/7.x-1.3
version/thomas seidl search api/7.x-1.x-dev
vendor/drupal
canonical/drupal drupal

Frequently Asked Questions

What is the severity of CVE-2013-2715?
CVE-2013-2715 is classified as a medium severity vulnerability due to its potential for cross-site scripting attacks.
How do I fix CVE-2013-2715?
To fix CVE-2013-2715, upgrade the Search API module to version 7.x-1.4 or later.
Who is affected by CVE-2013-2715?
CVE-2013-2715 affects remote authenticated users with specific permissions in the Search API module versions before 7.x-1.4.
What is the nature of the vulnerability in CVE-2013-2715?
CVE-2013-2715 is a cross-site scripting (XSS) vulnerability that allows attackers to inject arbitrary web scripts or HTML.
Where can I find more information about CVE-2013-2715?
More information about CVE-2013-2715 can typically be found in the official Drupal security announcements or vulnerability databases.

CVE-2013-2715: XSS

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-2715?

How do I fix CVE-2013-2715?

Who is affected by CVE-2013-2715?

What is the nature of the vulnerability in CVE-2013-2715?

Where can I find more information about CVE-2013-2715?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2013-2715?

How do I fix CVE-2013-2715?

Who is affected by CVE-2013-2715?

What is the nature of the vulnerability in CVE-2013-2715?

Where can I find more information about CVE-2013-2715?