drupal -- Drupal core - Moderately critical - Cross Site Scripting

2019-03-20T00:00:00
ID 94D63FD7-508B-11E9-9BA0-4C72B94353B5
Type freebsd
Reporter FreeBSD
Modified 2019-03-28T00:00:00

Description

Drupal Security Team reports:

Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) vulnerability.