VYPR

Commons

by Drupal

CVEs (2)

  • CVE-2014-8747Oct 13, 2014
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the Drupal Commons module 7.x-3.x before 7.x-3.9 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors related to content creation and activity stream messages.

  • CVE-2012-4483Oct 31, 2012
    risk 0.00cvss epss 0.01

    The commons_discussion_views_default_views function in modules/features/commons_discussion/commons_discussion.views_default.inc in the Drupal Commons module 6.x-2.x before 6.x-2.8 for Drupal does not properly enforce intended node access restrictions, which might allow remote…