VYPR

Forward

by Sean Robertson

CVEs (3)

  • CVE-2012-1057Feb 14, 2012
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in the clickthrough tracking functionality in the Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of administrators for requests that increase node…

  • CVE-2012-1056Feb 14, 2012
    risk 0.00cvss epss 0.01

    The Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal does not properly enforce permissions for (1) Recent forwards, (2) Most forwarded, or (3) Dynamic blocks, which allows remote attackers to obtain node titles via unspecified vectors.

  • CVE-2007-3690Jul 11, 2007
    risk 0.00cvss epss 0.02

    The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments.