6 matches found
EUVD-2024-51489
Malicious code in bioql PyPI...
The vulnerability of the Drupal File Entity CMS system, related to the lack of measures taken to protect the website structure, allows attackers to bypass security restrictions and perform cross-site scripting attacks.
The vulnerability of the Drupal File Entity CMS system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and perform cross-site scripting attacks...
CVE-2024-13276
Insertion of Sensitive Information Into Sent Data vulnerability in Drupal File Entity fieldable files allows Forceful Browsing.This issue affects File Entity fieldable files: from 7.X- before 7.X-2.39...
CVE-2024-13237 File Entity (fieldable files) - Moderately critical - Cross Site Scripting, Access bypass - SA-CONTRIB-2024-001
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal File Entity fieldable files allows Cross-Site Scripting XSS.This issue affects File Entity fieldable files: from 7.X- before 7.X-2.38...
CVE-2024-13237 File Entity (fieldable files) - Moderately critical - Cross Site Scripting, Access bypass - SA-CONTRIB-2024-001
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal File Entity fieldable files allows Cross-Site Scripting XSS.This issue affects File Entity fieldable files: from 7.X- before 7.X-2.38...
Drupal 安全漏洞
Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal File Entity fieldable files versions 7.X- through 7.X-2.39, which stems from the inclusion of a sensitive information disclosure issue...