The Webform module 5.x prior to 5.x-2.8 and 6.x prior to 6.x-2.8, a module for Drupal, does not prevent caching of a page that contains token placeholders for a default value, which allows remote malicious users to read session variables via unspecified vectors.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
nathan_haug webform 6.x-2.2 |
||
nathan_haug webform 6.x-2.1 |
||
nathan_haug webform 6.x-2.0-beta6 |
||
nathan_haug webform 6.x-2.0-beta1 |
||
nathan_haug webform 5.x-2.2 |
||
nathan_haug webform 5.x-2.1.3 |
||
nathan_haug webform 6.x-2.4 |
||
nathan_haug webform 6.x-2.3 |
||
nathan_haug webform 6.x-2.0-beta4 |
||
nathan_haug webform 6.x-2.0-beta5 |
||
nathan_haug webform 5.x-2.4 |
||
nathan_haug webform 5.x-2.3 |
||
nathan_haug webform 5.x-2.0-beta3 |
||
nathan_haug webform 5.x-2.0-beta2 |
||
nathan_haug webform 5.x-1.6 |
||
nathan_haug webform 5.x-1.5 |
||
nathan_haug webform 6.x-2.1-1 |
||
nathan_haug webform 6.x-2.1.2 |
||
nathan_haug webform 6.x-2.0-beta2 |
||
nathan_haug webform 6.x-2.x-dev |
||
nathan_haug webform 5.x-2.1.2 |
||
nathan_haug webform 5.x-2.1.1 |
||
nathan_haug webform 5.x-2.1 |
||
nathan_haug webform 5.x-1.9 |
||
nathan_haug webform 5.x-2.x-dev |
||
nathan_haug webform 5.x-1.2 |
||
nathan_haug webform 5.x-1.x-dev |
||
nathan_haug webform 5.x-2.0-beta0 |
||
nathan_haug webform 5.x-2.0-beta1 |
||
nathan_haug webform 5.x-1.4 |
||
nathan_haug webform 5.x-1.3 |
||
nathan_haug webform |
||
nathan_haug webform 6.x-2.6 |
||
nathan_haug webform 6.x-2.5 |
||
nathan_haug webform 6.x-2.1.3 |
||
nathan_haug webform 6.x-2.0-beta3 |
||
nathan_haug webform 5.x-2.6 |
||
nathan_haug webform 5.x-2.5 |
||
nathan_haug webform 5.x-2.0 |
||
nathan_haug webform 5.x-1.10 |
||
nathan_haug webform 5.x-1.8 |
||
nathan_haug webform 5.x-1.7 |
Vulmon