7 High
AI Score
Confidence
Low
The Contextual Links module doesn’t sufficiently validate the requested contextual links. This vulnerability is mitigated by the fact that an attacker must have a role with the permission “access contextual links”.
github.com/drupal/drupal
github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2018-10-17-5.yaml
www.drupal.org/sa-core-2018-006