Activity Security Vulnerabilities

CVE-2012-2078

Cross-site scripting (XSS) vulnerability in the Activity module 6.x-1.x for Drupal.

CVE-2012-2079

A cross-site request forgery (CSRF) vulnerability in the Activity module 6.x-1.x for Drupal.

CVE-2022-34126

The Activity plugin before 3.1.1 for GLPI allows reading local files via directory traversal in the front/cra.send.php file parameter.