Sign in Get started

← All vendors

Vendor

Acquia

Sign in to watch

Products

4

CVEs

5

Across products

20

Status

Private

Products

4

Commons
10 CVEs
Mollom
8 CVEs
Commons Group
1 CVE
Mautic
1 CVE

Recent CVEs

5

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2017-8874	Hig	0.57	8.8	0.00		May 10, 2017	Multiple cross-site request forgery (CSRF) vulnerabilities in Mautic 1.4.1 allow remote attackers to hijack the authentication of users for requests that (1) delete email campaigns or (2) delete contacts.
CVE-2015-8754	Hig	0.49	7.5	0.00		Jan 8, 2016	The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote attackers to bypass intended access restrictions and modify the mollom blacklist via unspecified vectors.
CVE-2013-1908		0.00	—	0.01		Jul 16, 2013	The Commons Wikis module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content to groups via unspecified vectors.
CVE-2013-1907		0.00	—	0.01		Jul 16, 2013	The Commons Group module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content to groups via unspecified vectors.
CVE-2012-4483		0.00	—	0.00		Oct 31, 2012	The commons_discussion_views_default_views function in modules/features/commons_discussion/commons_discussion.views_default.inc in the Drupal Commons module 6.x-2.x before 6.x-2.8 for Drupal does not properly enforce intended node access restrictions, which might allow remote attackers to obtain sensitive information via the recent comments listing.