Every CVE whose affected-product data names Boombatower Subuser, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2012-4486 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the Subuser module before 6.x-1.8 for Drupal allows remote attackers to hijack the…
CVE-2012-4487 — CVSS 4.0 (medium): The Subuser module before 6.x-1.8 for Drupal does not properly check "switch subuser" permissions, which allows remote authenticated parent…