4 matches found
Drupal 8.x < 8.2.7 Multiple Vulnerabilities
According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - A security bypass vulnerability exists in the editor module due to a failure to properly check access restrictions when adding private files with a configured text editor e.g...
Drupal Multiple Vulnerabilities (SA-2017-001) - Windows
Drupal is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal"; ifdescription...
CVE-2017-6379
Some administrative paths in Drupal 8.2.x before 8.2.7 did not include protection for CSRF. This would allow an attacker to disable some blocks on a site. This issue is mitigated by the fact that users would have to know the block ID...
drupal8 -- multiple vulnerabilities
Drupal Security Team reports: CVE-2017-6377: Editor module incorrectly checks access to inline private files CVE-2017-6379: Some admin paths were not protected with a CSRF token CVE-2017-6381: Remote code execution...