CVE-2019-25012

HIGH

Webform Report <7.x-1.x-dev - Info Disclosure

Title source: llm

Description

The Webform Report project 7.x-1.x-dev for Drupal allows remote attackers to view submissions by visiting the /rss.xml page. NOTE: This project is not covered by Drupal's security advisory policy.

References (1)

[Vendor Advisory] https://www.drupal.org/project/webform_report/issues/3101410

Scores

CVSS v3 7.5

EPSS 0.0029

EPSS Percentile 52.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-425

Status published

Products (1)

webform_report_project/webform_report 7.x-1.x-dev

Published Jan 01, 2021

Tracked Since Feb 18, 2026