Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:thomas_seidl:search_api:7.x-1.1:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2013-2715 |
Cross-site scripting (XSS) vulnerability in the admin view in the Search API (search_api) module 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a crafted field name. Published: March 27, 2013; 5:55:03 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2013-0181 |
Cross-site scripting (XSS) vulnerability in Views in the Search API (search_api) module 7.x-1.x before 7.x-1.4 for Drupal, when using certain backends and facets, allows remote attackers to inject arbitrary web script or HTML via unspecified input, which is returned in an error message. Published: March 27, 2013; 5:55:01 PM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-2012-5547 |
Multiple cross-site request forgery (CSRF) vulnerabilities in the Search API module 7.x-1.x before 7.x-1.3 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable a server via a server action or (2) enable a search index via an enable index action. Published: December 03, 2012; 4:55:02 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |