CVE-2016-1913

Published on: 01/15/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:05 PM UTC

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Certain versions of Redhen from Redhen Project contain the following vulnerability:

Multiple cross-site scripting (XSS) vulnerabilities in the Redhen module 7.x-1.x before 7.x-1.11 for Drupal allow remote authenticated users with certain access to inject arbitrary web script or HTML via unspecified vectors, related to (1) individual contacts, (2) notes, or (3) engagement scores.

  • CVE-2016-1913 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as MEDIUM severity.

CVSS3 Score: 5.4 - MEDIUM

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW LOW REQUIRED
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
CHANGED LOW LOW NONE

CVSS2 Score: 3.5 - LOW

Access
Vector
Access
Complexity
Authentication
NETWORK MEDIUM SINGLE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
NONE PARTIAL NONE

CVE References

Description Tags Link
redhen 7.x-1.11 | Drupal.org Patch
www.drupal.org
text/html
URL Logo CONFIRM www.drupal.org/node/2649780
RedHen CRM - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2016-002 | Drupal.org Patch
Vendor Advisory
www.drupal.org
text/html
URL Logo MISC www.drupal.org/node/2649800

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationRedhen ProjectRedhen7.x-1.0AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.0alpha1AllAll
ApplicationRedhen ProjectRedhen7.x-1.0alpha2AllAll
ApplicationRedhen ProjectRedhen7.x-1.0alpha3AllAll
ApplicationRedhen ProjectRedhen7.x-1.0beta1AllAll
ApplicationRedhen ProjectRedhen7.x-1.0beta2AllAll
ApplicationRedhen ProjectRedhen7.x-1.0beta3AllAll
ApplicationRedhen ProjectRedhen7.x-1.1AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.10AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.2AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.3AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.4AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.5AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.6AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.7AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.8AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.xdevAllAll
ApplicationRedhen ProjectRedhen7.x-1.0AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.0alpha1AllAll
ApplicationRedhen ProjectRedhen7.x-1.0alpha2AllAll
ApplicationRedhen ProjectRedhen7.x-1.0alpha3AllAll
ApplicationRedhen ProjectRedhen7.x-1.0beta1AllAll
ApplicationRedhen ProjectRedhen7.x-1.0beta2AllAll
ApplicationRedhen ProjectRedhen7.x-1.0beta3AllAll
ApplicationRedhen ProjectRedhen7.x-1.1AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.10AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.2AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.3AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.4AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.5AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.6AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.7AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.8AllAllAll
ApplicationRedhen ProjectRedhen7.x-1.xdevAllAll
  • cpe:2.3:a:redhen_project:redhen:7.x-1.0:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.0:alpha1:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.0:alpha2:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.0:alpha3:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.0:beta1:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.0:beta2:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.0:beta3:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.1:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.10:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.2:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.3:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.4:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.5:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.6:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.7:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.8:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.x:dev:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.0:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.0:alpha1:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.0:alpha2:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.0:alpha3:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.0:beta1:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.0:beta2:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.0:beta3:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.1:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.10:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.2:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.3:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.4:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.5:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.6:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.7:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.8:*:*:*:*:drupal:*:*:
  • cpe:2.3:a:redhen_project:redhen:7.x-1.x:dev:*:*:*:drupal:*:*: