VYPR

Nodequeue

by Drupal

CVEs (2)

  • CVE-2009-2075Jun 16, 2009
    risk 0.00cvss epss 0.01

    Nodequeue 5.x before 5.x-2.7 and 6.x before 6.x-2.2, a module for Drupal, does not properly restrict access when displaying node titles, which has unknown impact and attack vectors.

  • CVE-2009-2074Jun 16, 2009
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Nodequeue 5.x before 5.x-2.7 and 6.x before 6.x-2.2, a module for Drupal, allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML via vocabulary names.