Maestro
Monthly
Multiple cross-site scripting (XSS) vulnerabilities in the Maestro module 7.x-1.x before 7.x-1.4 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.
Multiple cross-site request forgery (CSRF) vulnerabilities in the Maestro module 7.x-1.x before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. Public exploit code available.
Cross-site scripting (XSS) vulnerability in the Maestro module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with maestro admin permissions to inject arbitrary web script or. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available.
Multiple cross-site scripting (XSS) vulnerabilities in the Maestro module 7.x-1.x before 7.x-1.4 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.
Multiple cross-site request forgery (CSRF) vulnerabilities in the Maestro module 7.x-1.x before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. Public exploit code available.
Cross-site scripting (XSS) vulnerability in the Maestro module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with maestro admin permissions to inject arbitrary web script or. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available.