Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): Maestro
- Search Type: Search All
- CPE Name Search: false
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-8743 |
Multiple cross-site scripting (XSS) vulnerabilities in the Maestro module 7.x-1.x before 7.x-1.4 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via a (1) Role or (2) Organic Group name. Published: October 13, 2014; 2:55:02 PM -0400 |
V3.x:(not available) V2.0: 3.5 LOW |
CVE-2012-3799 |
Multiple cross-site request forgery (CSRF) vulnerabilities in the Maestro module 7.x-1.x before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) change workflows or (2) insert cross-site scripting (XSS) sequences. Published: June 26, 2012; 8:55:06 PM -0400 |
V3.x:(not available) V2.0: 5.1 MEDIUM |
CVE-2012-2723 |
Cross-site scripting (XSS) vulnerability in the Maestro module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with maestro admin permissions to inject arbitrary web script or HTML via unspecified vectors. Published: June 26, 2012; 8:55:05 PM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |