Skip to main content

Wishlist

3 CVEs product

Monthly

CVE-2015-3357 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Wishlist module before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal allows remote authenticated users with the "access wishlists" permission to inject. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Wishlist
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-3354 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the Wishlist module before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal allows remote attackers to hijack the authentication of arbitrary users for. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

CSRF Wishlist
NVD
CVSS 2.0
5.8
EPSS
0.2%
CVE-2012-2069 MEDIUM POC PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the Wishlist module 6.x-2.x before 6.x-2.6 and 7.x-2.x before 7.x-2.6 for Drupal allows remote attackers to hijack the authentication of arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF XSS Wishlist
NVD
CVSS 2.0
6.8
EPSS
0.4%
EPSS 0% CVSS 3.5
LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Wishlist module before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal allows remote authenticated users with the "access wishlists" permission to inject. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Wishlist
NVD
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the Wishlist module before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal allows remote attackers to hijack the authentication of arbitrary users for. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

CSRF Wishlist
NVD
EPSS 0% CVSS 6.8
MEDIUM POC PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the Wishlist module 6.x-2.x before 6.x-2.6 and 7.x-2.x before 7.x-2.6 for Drupal allows remote attackers to hijack the authentication of arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF XSS Wishlist
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy