What is CVE-2015-8795?

CVE-2015-8795 is a medium-severity vulnerability in Apache Solr, classified under Cross-site Scripting. CVSS score: 6.1/10. Published 2016-02-15.

How severe is CVE-2015-8795?

Medium severity. CVSS v3 base score is 6.1 out of 10.

Is CVE-2015-8795 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

XSS in Apache Solr

CVE-2015-8795

Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in Apache Solr before 5.1 allow remote attackers to inject arbitrary web script or HTML via crafted fields that are mishandled during the rendering of the (1) Analysis pag…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.026 (85.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.1 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N.

Affected products

Apache Solr
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

Public proof-of-concept exploits

ARPSyndicate/cvemon

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2015-8795?: CVE-2015-8795 is a medium-severity vulnerability in Apache Solr, classified under Cross-site Scripting. CVSS score: 6.1/10. Published 2016-02-15.
How severe is CVE-2015-8795?: Medium severity. CVSS v3 base score is 6.1 out of 10.
Is CVE-2015-8795 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.