Remote Code Execution (RCE)

drupal/core is vulnerable to Remote Code Execution. The vulnerability is due to the Contextual Links module not properly validating the contextual links requested by users, which may result in Remote Code Execution...

Remote Code Execution

drupal/drupal is vulnerable to Remote Code Execution. The vulnerability is due to the Contextual Links module not properly validating the contextual links requested by users, which may result in Remote Code Execution...

GHSA-JJX7-8462-W4M4 Drupal Core Insufficient Contextual Links validation leads to Remote Code Execution

The Contextual Links module doesn't sufficiently validate the requested contextual links. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "access contextual links"...

Drupal Core Insufficient Contextual Links validation leads to Remote Code Execution

The Contextual Links module doesn't sufficiently validate the requested contextual links. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "access contextual links"...

GHSA-7V68-3PR5-H3CR Drupal Core Insufficient Contextual Links validation leads to Remote Code Execution

The Contextual Links module doesn't sufficiently validate the requested contextual links. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "access contextual links"...

Drupal Core Insufficient Contextual Links validation leads to Remote Code Execution

The Contextual Links module doesn't sufficiently validate the requested contextual links. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "access contextual links"...

PT-2024-40345 · Unknown · Contextual Links

Name of the Vulnerable Software and Affected Versions: Contextual Links module affected versions not specified Description: The issue arises from insufficient validation of requested contextual links by the Contextual Links module. However, the risk is mitigated because an attacker would need to...

Drupal 8.6.x < 8.6.2 Multiple Vulnerabilities

According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - A flaw exists in content moderation that could lead to an access bypass. - A flaw exists in path module that could allow users with the administer paths to enter a particular...

Drupal Core Multiple Security Vulnerabilities (SA-CORE-2018-006) - Linux

Drupal is prone to multiple security vulnerabilities. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Critical RCE Bugs Patched in Drupal 7 and 8

Drupal is urging users to upgrade to the latest release that fixes two critical remote code execution bugs impacting Drupal 7 and Drupal 8. Developers have also identified three additional “moderately critical” vulnerabilities. “A remote attacker could exploit some of these vulnerabilities to tak...

Contextual Links validation - Critical - Remote Code Execution

More info at https://www.drupal.org/sa-core-2018-006...

Contextual Links validation - Critical - Remote Code Execution

More info at https://www.drupal.org/sa-core-2018-006...