Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-25085

A vulnerability classified as problematic was found in Responsive Menus 7.x-1.x-dev on Drupal. Affected by this vulnerability is the function responsive_menus_admin_form_submit of the file responsive_menus.module of the component Configuration Setting Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 7.x-1.7 is able to address this issue. The patch is named 3c554b31d32a367188f44d44857b061eac949fb8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-227755.

Published

2023-05-01T05:15:08.633

Last Modified

2024-11-21T04:03:31.500

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 2.4 (LOW)

CVSSv2 Vector

AV:N/AC:L/Au:M/C:N/I:P/A:N

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: MULTIPLE
  • Confidentiality Impact: NONE
  • Integrity Impact: PARTIAL
  • Availability Impact: NONE
Exploitability Score

6.4

Impact Score

2.9

Weaknesses
  • Type: Secondary
    CWE-79
  • Type: Primary
    CWE-79
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application drupal responsive_menus < 7.x-1.7 Yes
References