Http Strict Transport Security
1 CVEs
product
Monthly
The HTTP Strict Transport Security (HSTS) module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.2 for Drupal does not properly implement the "include subdomains" directive, which causes the HSTS. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.
Information Disclosure
Http Strict Transport Security
NVD
CVSS 2.0
6.8
EPSS
0.6%
EPSS 1%
CVSS 6.8
MEDIUM
PATCH
This Month
The HTTP Strict Transport Security (HSTS) module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.2 for Drupal does not properly implement the "include subdomains" directive, which causes the HSTS. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.
Information Disclosure
Http Strict Transport Security
NVD