Webform@5.x-2.1.3 Security Vulnerabilities and Issues — Webform@5.x-2.1.3 CVE List

Lucene search

Nathan HaugWebform5.x-2.1.3

3 matches found

cve•added 2009/12/04 7:30 p.m.•35 views

CVE-2009-4207

Cross-site scripting (XSS) vulnerability in the Webform module 5.x before 5.x-2.7 and 6.x before 6.x-2.7, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via a submission.

4.3CVSS5.7AI score0.00319EPSS

cve•added 2009/12/31 7:30 p.m.•28 views

CVE-2009-4532

Cross-site scripting (XSS) vulnerability in the Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, allows remote authenticated users, with webform creation privileges, to inject arbitrary web script or HTML via a field label.

3.5CVSS5.3AI score0.00262EPSS

cve•added 2009/12/31 7:30 p.m.•28 views

CVE-2009-4533

The Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, does not prevent caching of a page that contains token placeholders for a default value, which allows remote attackers to read session variables via unspecified vectors.

5CVSS6.7AI score0.00523EPSS