2 matches found
CVE-2013-4230
The mm_webform submodule in Monster Menus (Drupal 6.x-6.x before 6.x-6.61 and 7.x-1.x before 7.x-1.13) does not properly restrict access to webform submissions, allowing remote authenticated users with the “Who can read data submitted to this webform” permission to delete arbitrary submissions vi...
SA-CONTRIB-2013-066 - Monster Menus - Multiple Vulnerabilities
Monster Menus enables you to create granular page permissions, and apply them to a hierarchical page structure. The mmwebform submodule enables you to assign permissions derived from Monster Menus to webform forms. The module doesn't sufficiently filter titles entered into page settings and echoe...