CVEs (3)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Sjoerd Arendsen 1Simplenews Statistics Apr 23, 2026 Oct 26, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple cross-site request forgery (CSRF) vulnerabilities in Simplenews Statistics 6.x before 6.x-2.0, a module for Drupal, allow remote attackers to hijack the authentication of arbitrary users via unknown vectors. |
1Sjoerd Arendsen 1Simplenews Statistics Apr 23, 2026 Oct 26, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Open redirect vulnerability in Simplenews Statistics 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. |
1Sjoerd Arendsen 1Simplenews Statistics Apr 23, 2026 Oct 26, 2009 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Simplenews Statistics 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vector. |