Ariel Barreiro : Security Vulnerabilities, CVEs,
The Meta tags (aka Nodewords) module before 6.x-1.1 for Drupal does not properly follow permissions during assignment of node meta tags, which allows remote attackers to obtain sensitive information via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.58%
Published
2009-09-28
Updated
2017-08-17
Cross-site scripting (XSS) vulnerability in the Node Recommendation module 6.x-1.x before 6.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
2.1
EPSS Score
0.12%
Published
2012-09-18
Updated
2017-08-29
2 vulnerabilities found