Node Invite Project Node Invite — known CVE vulnerabilities
Every CVE whose affected-product data names Node Invite Project Node Invite, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2015-3370 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote attackers to hijack the…
CVE-2015-3371 — CVSS 5.8 (medium): Open redirect vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote attackers to redirect users to arbitrary web…
CVE-2015-3372 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote authenticated users to inject…