CVE-2015-8032 — MEDIUM (5.3)

Vulnerability Description

In Textpattern 4.5.7, an unprivileged author can change an article's markup setting.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Textpattern	Textpattern	4.5.7

Related Weaknesses (CWE)

CWE-269

References

https://github.com/textpattern/textpattern/blob/f94c3fb9916ee0c7fa4a52025fa4e8c3Release NotesThird Party Advisory
https://github.com/textpattern/textpattern/commit/950d9e0e4ee46efa41e791eac6cd55PatchThird Party Advisory
https://github.com/textpattern/textpattern/blob/f94c3fb9916ee0c7fa4a52025fa4e8c3Release NotesThird Party Advisory
https://github.com/textpattern/textpattern/commit/950d9e0e4ee46efa41e791eac6cd55PatchThird Party Advisory

FAQ

What is CVE-2015-8032?

CVE-2015-8032 is a vulnerability with a CVSS score of 5.3 (MEDIUM). In Textpattern 4.5.7, an unprivileged author can change an article's markup setting.

How severe is CVE-2015-8032?

CVE-2015-8032 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-8032?

Check the references section above for vendor advisories and patch information. Affected products include: Textpattern Textpattern.