Vulnerabilities (CVE)

Filtered by vendor Mclewin Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-2069 2 Drupal, Mclewin 2 Drupal, Wishlist 2024-11-21 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in the Wishlist module 6.x-2.x before 6.x-2.6 and 7.x-2.x before 7.x-2.6 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site scripting (XSS) sequences via the (1) wl_reveal or (2) q parameters.