Luke Herrington » Stickynote : Security Vulnerabilities, CVEs, CVSS score >= 1
Cross-site scripting (XSS) vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote authenticated users with edit stickynotes privileges to inject arbitrary web script or HTML via unspecified vecotrs.
Max CVSS
2.1
EPSS Score
0.09%
Published
2012-10-01
Updated
2012-10-02
Cross-site request forgery (CSRF) vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of users for requests that delete stickynotes via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.14%
Published
2012-10-01
Updated
2012-10-02
2 vulnerabilities found