Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal workflow vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-0463
Cross-site scripting (XSS) vulnerability in the Workflow 4.7.x prior to 4.7.x-1.2 and 5.x prior to 5.x-1.2 module for Drupal allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors involving node properties.
Drupal Workflow
3.5
CVSSv2
CVE-2009-4513
Multiple cross-site scripting (XSS) vulnerabilities in the Workflow module 5.x prior to 5.x-2.4 and 6.x prior to 6.x-1.2, a module for Drupal, allow remote authenticated users, with "administer workflow" privileges, to inject arbitrary web script or HTML via the name of...
John Vandyk Workflow
John Vandyk Workflow 5.x-1.0
John Vandyk Workflow 5.x-1.0-beta1
John Vandyk Workflow 5.x-1.1
John Vandyk Workflow 5.x-1.2
John Vandyk Workflow 5.x-2.0
John Vandyk Workflow 5.x-2.1
John Vandyk Workflow 5.x-2.2
John Vandyk Workflow 5.x-2.x-dev
John Vandyk Workflow 6.x-1.0
John Vandyk Workflow 6.x-1.0-beta1
John Vandyk Workflow 6.x-1.0-beta2
John Vandyk Workflow 6.x-1.0-rc1
John Vandyk Workflow 6.x-1.0-rc3
John Vandyk Workflow 6.x-1.0-rc4
John Vandyk Workflow 6.x-1.1
John Vandyk Workflow 6.x-1.x-dev
2.1
CVSSv2
CVE-2010-1539
Cross-site scripting (XSS) vulnerability in the Workflow module 5.x-2.x prior to 5.x-2.6 and 6.x-1.x prior to 6.x-1.4 for Drupal, when used with the Token module, might allow remote authenticated users to inject arbitrary web script or HTML via a certain Comment field.
John Vandyk Workflow 5.x-2.0
John Vandyk Workflow 5.x-2.1
John Vandyk Workflow 5.x-2.2
John Vandyk Workflow 5.x-2.3
John Vandyk Workflow 5.x-2.4
John Vandyk Workflow 5.x-2.5
John Vandyk Workflow 5.x-2.x
John Vandyk Workflow 6.x-1.0
John Vandyk Workflow 6.x-1.1
John Vandyk Workflow 6.x-1.2
John Vandyk Workflow 6.x-1.3
John Vandyk Workflow 6.x-1.4
John Vandyk Workflow 6.x-1.x-dev
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started