Skip to main content
CVE-2013-1972 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the elFinder file manager module 6.x-0.x before 6.x-0.8 and 7.x-0.x before 7.x-0.8 for Drupal allows remote attackers to hijack the authentication. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

CSRF XSS Elfinder
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-2129 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Webform module 6.x-3.x before 6.x-3.19 for Drupal allows remote authenticated users with the "edit own webform content" or "edit all webform content". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Webform
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-2036 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Filebrowser module 6.x-2.x before 6.x-2.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Filebrowser
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-1906 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Rules module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with the "administer rules" permission to inject arbitrary web script. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Rules
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy