Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.29 views

Drupal 8.x < 8.2.7 Multiple Vulnerabilities

According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - A security bypass vulnerability exists in the editor module due to a failure to properly check access restrictions when adding private files with a configured text editor e.g...

8.1CVSS8.5AI score0.03901EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2017/03/17 12:0 a.m.27 views

Drupal Multiple Vulnerabilities (SA-2017-001) - Windows

Drupal is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal"; ifdescription...

8.1CVSS7.7AI score0.03901EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/03/16 2:59 p.m.19 views

CVE-2017-6377

When adding a private file via the editor in Drupal 8.2.x before 8.2.7, the editor will not correctly check access for the file being attached, resulting in an access bypass...

7.5CVSS7.1AI score0.01891EPSS
Exploits0References2
CVE
CVE
added 2017/03/16 2:0 p.m.120 views

CVE-2017-6377

CVE-2017-6377 affects Drupal 8.2.x prior to 8.2.7. The editor module fails to properly check access when attaching private files, causing an access bypass. Documents reference the Drupal editor access issue (SA-2017-001) and multiple advisories; affected versions are Drupal 8.x before 8.2.7. Reme...

7.5CVSS7.5AI score0.01891EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/03/16 2:0 p.m.32 views

CVE-2017-6377

When adding a private file via the editor in Drupal 8.2.x before 8.2.7, the editor will not correctly check access for the file being attached, resulting in an access bypass...

7.6AI score0.01891EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2017/03/15 12:0 a.m.21 views

drupal8 -- multiple vulnerabilities

Drupal Security Team reports: CVE-2017-6377: Editor module incorrectly checks access to inline private files CVE-2017-6379: Some admin paths were not protected with a CSRF token CVE-2017-6381: Remote code execution...

8.1CVSS8AI score0.03901EPSS
Exploits0References1
Rows per page
Query Builder