Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal workflow vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2008-0463
Cross-site scripting (XSS) vulnerability in the Workflow 4.7.x prior to 4.7.x-1.2 and 5.x prior to 5.x-1.2 module for Drupal allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors involving node properties.
Drupal Workflow
312
VMScore
CVE-2009-4513
Multiple cross-site scripting (XSS) vulnerabilities in the Workflow module 5.x prior to 5.x-2.4 and 6.x prior to 6.x-1.2, a module for Drupal, allow remote authenticated users, with "administer workflow" privileges, to inject arbitrary web script or HTML via the name of...
John Vandyk Workflow 5.x-1.1
John Vandyk Workflow 5.x-1.0
John Vandyk Workflow 6.x-1.0-beta2
John Vandyk Workflow 6.x-1.0-beta1
John Vandyk Workflow
John Vandyk Workflow 5.x-2.2
John Vandyk Workflow 5.x-1.0-beta1
John Vandyk Workflow 6.x-1.1
John Vandyk Workflow 6.x-1.x-dev
John Vandyk Workflow 5.x-2.x-dev
John Vandyk Workflow 5.x-1.2
John Vandyk Workflow 6.x-1.0-rc3
John Vandyk Workflow 6.x-1.0-rc1
John Vandyk Workflow 5.x-2.1
John Vandyk Workflow 5.x-2.0
John Vandyk Workflow 6.x-1.0
John Vandyk Workflow 6.x-1.0-rc4
187
VMScore
CVE-2010-1539
Cross-site scripting (XSS) vulnerability in the Workflow module 5.x-2.x prior to 5.x-2.6 and 6.x-1.x prior to 6.x-1.4 for Drupal, when used with the Token module, might allow remote authenticated users to inject arbitrary web script or HTML via a certain Comment field.
John Vandyk Workflow 5.x-2.x
John Vandyk Workflow 5.x-2.5
John Vandyk Workflow 6.x-1.0
John Vandyk Workflow 5.x-2.1
John Vandyk Workflow 5.x-2.0
John Vandyk Workflow 5.x-2.3
John Vandyk Workflow 5.x-2.2
John Vandyk Workflow 6.x-1.2
John Vandyk Workflow 6.x-1.1
John Vandyk Workflow 5.x-2.4
John Vandyk Workflow 6.x-1.4
John Vandyk Workflow 6.x-1.3
John Vandyk Workflow 6.x-1.x-dev
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started