Erikwebb Password Policy — known CVE vulnerabilities
Every CVE whose affected-product data names Erikwebb Password Policy, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2012-1633 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the Password Policy module before 6.x-1.4 and 7.x-1.0 beta3 for Drupal allows remote…
CVE-2012-5552 — CVSS 5.0 (medium): The Password policy module 6.x-1.x before 6.x-1.5 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to obtain password hashes…
CVE-2013-4274 — CVSS 2.1 (low): Cross-site scripting (XSS) vulnerability in the password_policy_admin_view function in password_policy.admin.inc in the Password Policy…