Luke Herrington: >> Stickynote Security Vulnerabilities
Cross-site request forgery (CSRF) vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of users for requests that delete stickynotes via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.001
Published
2012-10-01
Cross-site scripting (XSS) vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote authenticated users with edit stickynotes privileges to inject arbitrary web script or HTML via unspecified vecotrs.
CVSS Score
2.1
EPSS Score
0.003
Published
2012-10-01