VYPR
Unrated severityNVD Advisory· Published Dec 31, 2009· Updated Jun 16, 2026

CVE-2009-4533

CVE-2009-4533

Description

The Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, does not prevent caching of a page that contains token placeholders for a default value, which allows remote attackers to read session variables via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

43
  • Nathan Haug/Webform42 versions
    cpe:2.3:a:nathan_haug:webform:*:*:*:*:*:*:*:*+ 41 more
    • cpe:2.3:a:nathan_haug:webform:*:*:*:*:*:*:*:*range: <=5.x-2.7
    • cpe:2.3:a:nathan_haug:webform:5.x-1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-1.x-dev:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-2.0-beta0:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-2.0-beta1:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-2.0-beta2:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-2.0-beta3:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-2.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-2.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:5.x-2.x-dev:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:6.x-2.0-beta1:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:6.x-2.0-beta2:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:6.x-2.0-beta3:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:6.x-2.0-beta4:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:6.x-2.0-beta5:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:6.x-2.0-beta6:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:6.x-2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:6.x-2.1-1:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:6.x-2.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:6.x-2.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:6.x-2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:6.x-2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:6.x-2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:6.x-2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:6.x-2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:nathan_haug:webform:6.x-2.x-dev:*:*:*:*:*:*:*
  • Drupal/webformllm-fuzzy
    Range: <5.x-2.8, <6.x-2.8

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.