The transliterate mechanism in Drupal 8.x before 8.2.3 allows remote attackers to cause a denial of service via a crafted URL.
CPE | Name | Operator | Version |
---|---|---|---|
drupal/drupal | lt | 8.2.3 | |
drupal/core | lt | 8.2.3 |
www.securityfocus.com/bid/94367
github.com/advisories/GHSA-jpj8-49hr-wcwv
github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-9452.yaml
github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-9452.yaml
nvd.nist.gov/vuln/detail/CVE-2016-9452
www.drupal.org/SA-CORE-2016-005