Lucene search
K

15 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:48 a.m.5 views

SUSE CVE-2017-6927

Drupal 8.4.x versions before 8.4.5 and Drupal 7.x versions before 7.57 has a Drupal.checkPlain JavaScript function which is used to escape potentially dangerous text before outputting it to HTML as JavaScript output does not typically go through Twig autoescaping. This function does not correctly...

6.1CVSS6.2AI score0.01705EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.104 views

Fedora 28 : drupal8 (2018-906ba26b4d) (Drupalgeddon 2)

8.4.6 - SA-CORE-2018-002 CVE-2018-7600 - 8.4.5 - SA-CORE-2018-001 CVE-2017-6926 / CVE-2017-6927 / CVE-2017-6930 / CVE-2017-6931 - 8.4.4 - 8.4.3 - 8.4.2 - 8.4.1 - 8.4.0 - 8.4.0-rc2 - 8.4.0-rc1 - 8.4.0-beta1 - 8.4.0-alpha1 Note that Tenable Network Security has extracted the preceding description...

9.8CVSS7.4AI score0.99993EPSS
Exploits47References6
OpenVAS
OpenVAS
added 2018/05/12 12:0 a.m.55 views

Fedora Update for drupal7 FEDORA-2018-2359c2ae0e

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.3AI score0.99993EPSS
Exploits58References4
OpenVAS
OpenVAS
added 2018/05/12 12:0 a.m.39 views

Fedora Update for drupal8 FEDORA-2018-1ba93b3144

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.99993EPSS
Exploits59References4
OpenVAS
OpenVAS
added 2018/05/12 12:0 a.m.43 views

Fedora Update for drupal7 FEDORA-2018-b9ad458866

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.99993EPSS
Exploits58References4
OpenVAS
OpenVAS
added 2018/04/25 12:0 a.m.37 views

Fedora Update for drupal8 FEDORA-2018-922cc2fbaa

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.99993EPSS
Exploits54References4
OpenVAS
OpenVAS
added 2018/04/25 12:0 a.m.75 views

Fedora Update for drupal8 FEDORA-2018-6e6d8c314b

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.99993EPSS
Exploits47References4
Tenable Nessus
Tenable Nessus
added 2018/04/24 12:0 a.m.255 views

Fedora 26 : drupal8 (2018-922cc2fbaa) (Drupalgeddon 2)

8.3.9 - SA-CORE-2018-002 CVE-2018-7600 - 8.3.8 - SA-CORE-2018-001 CVE-2017-6926 / CVE-2017-6927 / CVE-2017-6930 / CVE-2017-6931 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically...

9.8CVSS7.4AI score0.99993EPSS
Exploits47References7
OpenVAS
OpenVAS
added 2018/03/26 12:0 a.m.26 views

Debian: Security Advisory (DLA-1295-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.4AI score0.01705EPSS
Exploits0References4
NVD
NVD
added 2018/03/01 11:29 p.m.19 views

CVE-2017-6927

Drupal 8.4.x versions before 8.4.5 and Drupal 7.x versions before 7.57 has a Drupal.checkPlain JavaScript function which is used to escape potentially dangerous text before outputting it to HTML as JavaScript output does not typically go through Twig autoescaping. This function does not correctly...

6.1CVSS6AI score0.01705EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2018/03/01 11:29 p.m.26 views

CVE-2017-6927

Drupal 8.4.x versions before 8.4.5 and Drupal 7.x versions before 7.57 has a Drupal.checkPlain JavaScript function which is used to escape potentially dangerous text before outputting it to HTML as JavaScript output does not typically go through Twig autoescaping. This function does not correctly...

6.1CVSS6.8AI score0.01705EPSS
Exploits0References2
OSV
OSV
added 2018/03/01 11:29 p.m.26 views

CVE-2017-6927

Drupal 8.4.x versions before 8.4.5 and Drupal 7.x versions before 7.57 has a Drupal.checkPlain JavaScript function which is used to escape potentially dangerous text before outputting it to HTML as JavaScript output does not typically go through Twig autoescaping. This function does not correctly...

6.1CVSS6.2AI score
Exploits0References4
Cvelist
Cvelist
added 2018/03/01 10:0 p.m.40 views

CVE-2017-6927

Drupal 8.4.x versions before 8.4.5 and Drupal 7.x versions before 7.57 has a Drupal.checkPlain JavaScript function which is used to escape potentially dangerous text before outputting it to HTML as JavaScript output does not typically go through Twig autoescaping. This function does not correctly...

6.5AI score0.01705EPSS
Exploits0References4
CVE
CVE
added 2018/03/01 10:0 p.m.88 views

CVE-2017-6927

CVE-2017-6927 affects Drupal 8.4.x before 8.4.5 and 7.x before 7.57. The issue is a flaw in the Drupal.checkPlain() JavaScript escaping function, which fails to sanitize certain HTML injection methods, enabling cross-site scripting under certain circumstances. The PHP HTML escaping functions are ...

6.1CVSS6.3AI score0.01705EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/03/01 12:0 a.m.68 views

Drupal 7.x < 7.57 Multiple Vulnerabilities (SA-CORE-2018-001)

According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.57. It is, therefore, affected by multiple vulnerabilities : - A flaw exists with the Drupal.checkPlain function due to improper handling of HTML injection. A remote attacker, with a...

6.1CVSS6.8AI score0.01705EPSS
Exploits0References6
Rows per page
Query Builder