CVE-2009-4533
CVE-2009-4533 affects the Drupal Webform module (5.x before 5.x-2.8 and 6.x before 6.x-2.8). The underlying issue is that pages containing token placeholders for a default value are not prevented from being cached, which can allow remote attackers to read session variables via unspecified vectors...