PT-2020-14317 · Grocy · Grocy

Name of the Vulnerable Software and Affected Versions: Grocy versions = 2.7.1 Description: The issue is related to Cross-Site Scripting that can be exploited via the Create Shopping List module when it is deleted. This problem is also present in other modules, including users, batteries, chores,...

DRUPAL-CONTRIB-2018-073

The Paragraphs module allows Drupal Site Builders to make content organization cleaner so that you can give more editing power to end-users. The module doesn't sufficiently check access to create new paragraph entities which can cause access bypass issues when used in combination with other...