Lucene search
Simplenews Scheduler Security Vulnerabilities
cve
The Simplenews Scheduler module 6.x-2.x before 6.x-2.4 for Drupal allows remote authenticated users with the "send scheduled newsletters" permission to inject arbitrary PHP code into the scheduling form, which is later executed by cron.
6.8AI Score
0.004EPSS
2022-10-03 04:15 PM
22