Blaine Lang » Maestro : Security Vulnerabilities, CVEs,
Multiple cross-site request forgery (CSRF) vulnerabilities in the Maestro module 7.x-1.x before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) change workflows or (2) insert cross-site scripting (XSS) sequences.
Max CVSS
5.1
EPSS Score
0.59%
Published
2012-06-27
Updated
2017-08-29
Cross-site scripting (XSS) vulnerability in the Maestro module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with maestro admin permissions to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
2.6
EPSS Score
0.27%
Published
2012-06-27
Updated
2017-08-29
2 vulnerabilities found