Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure.

OSVersionArchitecturePackageVersionFilename
Fedora35anydrupal7< 7.92UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Fedora	35	any	drupal7	< 7.92	UNKNOWN

fedora 10

nessus 41

drupal 5

osv 25

debian 5

ibm 24

ubuntu 2

f5 4

checkpoint_advisories 3

redhat 6

cve 7

alpinelinux 5

debiancve 6

github 7

veracode 7

prion 7

ubuntucve 7

attackerkb 1

openvas 12

securityvulns 1

mageia 1

redhatcve 4

atlassian 2

nodejs 1

redos 1

oraclelinux 2

centos 2

threatpost 1

fedora

[SECURITY] Fedora 37 Update: drupal7-7.92-1.fc37

2022-11-10 22:46:29

[SECURITY] Fedora 36 Update: drupal7-7.92-1.fc36

2022-10-23 09:04:53

[SECURITY] Fedora 34 Update: js-jquery-ui-1.13.0-1.fc34

2021-11-20 01:11:49

nessus

Fedora 36 : drupal7 (2022-9d655503ea)

2022-12-23 00:00:00

Fedora 35 : drupal7 (2022-bf18450366)

2022-12-22 00:00:00

Drupal 7.x < 7.86 / 9.2.x < 9.2.11 / 9.3.x < 9.3.3 Multiple Vulnerabilities (drupal-2022-01-19)

2022-01-19 00:00:00

drupal

Drupal core - Moderately critical - Cross site scripting - SA-CORE-2022-002

2022-01-19 00:00:00

jQuery UI Datepicker - Moderately critical - Cross Site Scripting - SA-CONTRIB-2022-004

2022-01-19 00:00:00

Drupal core - Moderately critical - Information Disclosure - SA-CORE-2022-012

2022-07-20 00:00:00

osv

drupal7 - security update

2022-01-19 00:00:00

jqueryui vulnerabilities

2023-10-05 12:36:27

jqueryui - security update

2022-12-07 00:00:00

debian

[SECURITY] [DLA-2889-1] drupal7 security update

2022-01-19 20:00:29

[SECURITY] [DLA 3230-1] jqueryui security update

2022-12-07 10:30:00

[SECURITY] [DSA 3249-1] jqueryui security update

2015-05-03 14:28:26

ibm

Security Bulletin: IBM Security QRadar SOAR is using a component vulnerable to Cross Site Scripting (CVE-2021-41182, CVE-2021-41183, CVE-2021-41184)

2022-03-03 17:06:48

Security Bulletin: Multiple vulnerabilities identified in jQuery-UI affects IBM Engineering Lifecycle Optimization - Publishing

2023-10-04 08:27:50

Security Bulletin: Multiple vulnerabilities in jQuery-UI affect IBM Tivoli Netcool Impact (CVE-2021-41182, CVE-2021-41183, CVE-2021-41184)

2021-12-10 10:54:12

ubuntu

jQuery UI vulnerabilities

2023-10-05 00:00:00

jQuery UI vulnerability

2022-09-09 00:00:00

K50455702 : jQuery vulnerabilities CVE-2021-41182, CVE-2021-41183, and CVE-2021-41184

2022-03-28 00:00:00

K95208524 : jQuery vulnerability CVE-2016-7103

2017-11-13 00:00:00

K51110104 : XSS vulnerabilities CVE-2010-5312 and CVE-2012-6662

2017-07-19 00:00:00

checkpoint_advisories

jQuery UI Datepicker Widget Cross Site Scripting (CVE-2021-41182; CVE-2021-41183)

2022-03-14 00:00:00

jQuery UI Cross-site Scripting (CVE-2016-7103)

2022-10-23 00:00:00

jQuery UI Cross-site Scripting (CVE-2021-41184)

2022-10-19 00:00:00

redhat

(RHSA-2022:4711) Moderate: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update

2022-05-26 16:04:07

(RHSA-2016:2932) Low: python-XStatic-jquery-ui security update

2016-12-08 16:02:28

(RHSA-2017:0161) Low: python-XStatic-jquery-ui security update

2017-01-19 13:13:57

cve

CVE-2022-25271

2022-02-16 23:15:00

CVE-2016-7103

2017-03-15 16:59:00

CVE-2010-5312

2014-11-24 16:59:00

alpinelinux

CVE-2022-25271

2022-02-16 23:15:00

CVE-2016-7103

2017-03-15 16:59:00

CVE-2021-41182

2021-10-26 15:15:00

debiancve

CVE-2022-25271

2022-02-16 23:15:00

CVE-2016-7103

2017-03-15 16:59:00

CVE-2021-41182

2021-10-26 15:15:00

github

Improper input validation in Drupal core

2022-02-18 00:00:37

Cross-site Scripting in jquery-ui

2017-10-24 18:33:38

jQuery-UI vulnerable to Cross-site Scripting in dialog closeText

2017-10-24 18:33:35

veracode

Insecure Validation

2022-02-18 06:04:08

Cross-site Scripting (XSS) Via Dialog CloseText

2019-01-15 09:14:35

Cross-site Scripting (XSS)

2019-01-15 09:06:57

prion

Input validation

2022-02-16 23:15:00

Cross site scripting

2014-11-24 16:59:00

Cross site scripting

2017-03-15 16:59:00

ubuntucve

CVE-2022-25271

2022-02-16 00:00:00

CVE-2022-25275

2023-04-26 00:00:00

CVE-2010-5312

2014-11-24 00:00:00

attackerkb

CVE-2016-7103

2017-03-15 00:00:00

openvas

Fedora Update for python-XStatic-jquery-ui FEDORA-2017-1bf5a0ce01

2017-11-23 00:00:00

Fedora Update for python-XStatic-jquery-ui FEDORA-2017-e2d17af41e

2017-11-23 00:00:00

Debian Security Advisory DSA 3249-1 (jqueryui - security update)

2015-05-03 00:00:00

securityvulns

[SECURITY] [DSA 3249-1] jqueryui security update

2015-05-11 00:00:00

mageia

Updated couchdb packages fix CVE-2010-5312

2014-12-31 15:28:04

redhatcve

CVE-2016-7103

2016-08-29 07:18:37

CVE-2021-41184

2021-11-01 17:41:18

CVE-2021-41182

2021-11-01 17:41:12

atlassian

The jQuery version used in JIRA needs to be updated

2015-05-18 09:31:54

The jQuery version used in JIRA needs to be updated

2015-05-18 09:31:54

nodejs

XSS in dialog closeText

2016-07-21 20:53:40

redos

ROS-20220225-02

2022-02-25 00:00:00

oraclelinux

ipa security and bug fix update

2015-07-28 00:00:00

ipa security, bug fix, and enhancement update

2015-03-11 00:00:00

centos

ipa security update

2015-03-17 13:28:21

ipa security update

2015-07-26 14:13:07

threatpost

Oracle Fixes 253 Vulnerabilities in Last CPU of 2016

2016-10-19 13:39:40

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

75.1%

JSON

Related for FEDORA:EA85730AFE74