6 matches found
Drupal 8.x < 8.2.7 Multiple Vulnerabilities
According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - A security bypass vulnerability exists in the editor module due to a failure to properly check access restrictions when adding private files with a configured text editor e.g...
Drupal Multiple Vulnerabilities (SA-2017-001) - Windows
Drupal is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal"; ifdescription...
CVE-2017-6377
When adding a private file via the editor in Drupal 8.2.x before 8.2.7, the editor will not correctly check access for the file being attached, resulting in an access bypass...
CVE-2017-6377
CVE-2017-6377 affects Drupal 8.2.x prior to 8.2.7. The editor module fails to properly check access when attaching private files, causing an access bypass. Documents reference the Drupal editor access issue (SA-2017-001) and multiple advisories; affected versions are Drupal 8.x before 8.2.7. Reme...
CVE-2017-6377
When adding a private file via the editor in Drupal 8.2.x before 8.2.7, the editor will not correctly check access for the file being attached, resulting in an access bypass...
drupal8 -- multiple vulnerabilities
Drupal Security Team reports: CVE-2017-6377: Editor module incorrectly checks access to inline private files CVE-2017-6379: Some admin paths were not protected with a CSRF token CVE-2017-6381: Remote code execution...