| Max CVSS | 5.0 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-4533 | 5.0 |
The Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, does not prevent caching of a page that contains token placeholders for a default value, which allows remote attackers to read session variables via unspecified vector
|
17-08-2017 - 01:31 | 31-12-2009 - 19:30 | |
| CVE-2009-4532 | 3.5 |
Cross-site scripting (XSS) vulnerability in the Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, allows remote authenticated users, with webform creation privileges, to inject arbitrary web script or HTML via a field lab
|
17-08-2017 - 01:31 | 31-12-2009 - 19:30 |