Lullabot Fivestar Module For Drupal — known CVE vulnerabilities
Every CVE whose affected-product data names Lullabot Fivestar Module For Drupal, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2009-2572 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the Fivestar module 5.x-1.x before 5.x-1.14 and 6.x-1.x before 6.x-1.14, a module for…
CVE-2012-2096 — CVSS 5.0 (medium): The Fivestar module 6.x-1.x before 6.x-1.20 for Drupal does not properly validate voting data, which allows remote attackers to manipulate…