Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure.

OSVersionArchitecturePackageVersionFilename
Fedora29anydrupal7< 7.66UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Fedora	29	any	drupal7	< 7.66	UNKNOWN

openvas 51

fedora 24

nessus 40

cvelist 2

prion 2

debiancve 2

cve 2

ubuntucve 2

atlassian 9

githubexploit 5

veracode 1

alpinelinux 1

ibm 27

osv 4

symantec 1

typo3 1

github 2

f5 1

redhat 7

redhatcve 1

joomla 1

drupal 1

hackerone 1

friendsofphp 1

checkpoint_advisories 1

debian 1

amazon 1

freebsd 1

cnvd 1

archlinux 1

oraclelinux 1

attackerkb 1

rocky 1

altlinux 1

openvas

Fedora Update for drupal7 FEDORA-2019-a06dffab1c

2019-05-10 00:00:00

Fedora Update for drupal7 FEDORA-2019-f563e66380

2019-05-09 00:00:00

Fedora Update for drupal7 FEDORA-2019-040857fd75

2019-05-26 00:00:00

fedora

[SECURITY] Fedora 28 Update: drupal7-7.66-1.fc28

2019-05-09 01:42:20

[SECURITY] Fedora 29 Update: drupal7-7.67-1.fc29

2019-05-25 03:36:33

[SECURITY] Fedora 28 Update: drupal7-7.67-1.fc28

2019-05-25 01:11:40

nessus

Fedora 15 : drupal7-7.14-2.fc15 (2012-8360)

2012-06-04 00:00:00

Fedora 16 : drupal7-7.14-2.fc16 (2012-8362)

2012-06-04 00:00:00

Fedora 17 : drupal7-7.14-2.fc17 (2012-8398)

2012-06-04 00:00:00

cvelist

CVE-2012-2922

2012-05-21 22:00:00

CVE-2019-11358

2019-04-19 00:00:00

prion

Design/Logic Flaw

2012-05-21 22:55:00

Design/Logic Flaw

2019-04-20 00:29:00

debiancve

CVE-2012-2922

2012-05-21 22:55:00

CVE-2019-11358

2019-04-20 00:29:00

cve

CVE-2012-2922

2012-05-21 22:55:01

CVE-2019-11358

2019-04-20 00:29:00

ubuntucve

CVE-2012-2922

2012-05-21 00:00:00

CVE-2019-11358

2019-04-20 00:00:00

atlassian

jQuery 2.2.4 is vulnerable to prototype pollution

2019-05-13 01:57:29

Update jQuery to address CVE-2019-11358

2019-08-01 05:11:29

jQuery 2.2.4 is vulnerable to prototype pollution

2019-05-13 01:57:29

githubexploit

Exploit for Prototype Pollution in Jquery

2020-12-01 09:18:58

Exploit for Prototype Pollution in Jquery

2021-03-08 11:34:11

Exploit for Prototype Pollution in Jquery

2019-07-18 19:15:33

veracode

Prototype Pollution

2019-04-22 03:41:01

alpinelinux

CVE-2019-11358

2019-04-20 00:29:00

ibm

Security Bulletin: Vulnerability in jQuery affects IBM Watson Studio Local

2019-12-18 17:50:38

Security Bulletin: IBM Maximo Asset Management is vulnerable to cross-site scripting (CVE-2019-11358)

2019-12-06 20:52:02

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to cross-site scripting in jQuery (CVE-2019-11358).

2023-01-12 21:59:00

osv

XSS in jQuery as used in Drupal, Backdrop CMS, and other products

2019-04-26 16:29:11

eZ Platform Bundled jQuery affected by CVE-2019-11358

2024-05-15 21:08:41

CVE-2019-11358

2019-04-20 00:29:00

symantec

JQuery CVE-2019-11358 Cross Site Scripting Vulnerability

2019-04-17 00:00:00

typo3

Cross-Site Scripting in jQuery before 3.4.0

2019-05-07 00:00:00

github

XSS in jQuery as used in Drupal, Backdrop CMS, and other products

2019-04-26 16:29:11

eZ Platform Bundled jQuery affected by CVE-2019-11358

2024-05-15 21:08:41

K20455158 : jQuery vulnerability CVE-2019-11358

2020-04-14 00:00:00

redhat

(RHSA-2020:1325) Moderate: python-XStatic-jQuery security update

2020-04-06 08:40:52

(RHSA-2020:5581) Moderate: python-XStatic-jQuery security update

2020-12-16 12:57:14

(RHSA-2019:2587) Moderate: CloudForms 4.7.9 security, bug fix and enhancement update

2019-09-05 05:18:52

redhatcve

CVE-2019-11358

2021-07-18 00:15:31

joomla

[20190403] - Core - Object.prototype pollution in JQuery $.extend

2019-03-25 00:00:00

drupal

Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2019-006

2019-04-17 00:00:00

hackerone

Node.js third-party modules: Prototype pollution attack through jQuery $.extend

2018-12-03 15:53:20

friendsofphp

EZSA-2019-005 Bundled jQuery affected by CVE-2019-11358

2019-07-04 12:28:00

checkpoint_advisories

jQuery Prototype Pollution Object Cross-Site Scripting (CVE-2019-11358)

2019-04-29 00:00:00

debian

[SECURITY] [DSA 4434-1] drupal7 security update

2019-04-20 12:03:09

amazon

Medium: pcs

2023-01-18 00:16:00

freebsd

Django -- AdminURLFieldWidget XSS

2019-06-03 00:00:00

cnvd

Silverstripe framework cross-site scripting vulnerability

2022-11-23 00:00:00

archlinux

[ASA-201906-2] python-django: cross-site scripting

2019-06-04 00:00:00

oraclelinux

pcs security update

2022-11-03 00:00:00

attackerkb

CVE-2019-11358

2019-04-20 00:00:00

rocky

pcs security, bug fix, and enhancement update

2021-11-09 08:21:49

altlinux

Security fix for the ALT Linux 9 package phpipam version 1.42.027-alt1

2020-10-21 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

JSON

Related for FEDORA:3230260BA78B