Lucene search
K

10 matches found

Check Point Advisories
Check Point Advisories
added 2019/11/25 12:0 a.m.7 views

Drupal Core file_create_filename Stored Cross-Site Scripting (CVE-2019-6341)

A stored cross-site scripting vulnerability exists in the File module of Drupal Core. The vulnerability is due to improper handling of the filename parameter provided for file uploads to the File module. Successful exploitation could result in the execution of arbitrary script code...

3.5CVSS1.8AI score0.12408EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/09 1:20 a.m.25 views

Security Bulletin: IBM API Connect Developer Portal is impacted by Cross Site Scripting(XSS) in Drupal core (CVE-2019-6341)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: Not Applicable DESCRIPTION: AddToAny Share Buttons Module for Drupal is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could...

5.4CVSS0.6AI score0.12408EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/04/02 12:0 a.m.31 views

Fedora 28 : drupal7 (2019-2fbce03df3)

https://www.drupal.org/project/drupal/releases/7.65 - https://www.drupal.org/SA-CORE-2019-004 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

5.4CVSS6.2AI score0.12408EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/04/02 12:0 a.m.29 views

Fedora 29 : drupal8 (2019-1d9be4b853)

https://www.drupal.org/project/drupal/releases/8.6.13 - https://www.drupal.org/SA-CORE-2019-004 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

5.4CVSS6.2AI score0.12408EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/04/02 12:0 a.m.29 views

Fedora 28 : drupal8 (2019-79bd99f9a8)

https://www.drupal.org/project/drupal/releases/8.6.13 - https://www.drupal.org/SA-CORE-2019-004 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

5.4CVSS6.2AI score0.12408EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/04/02 12:0 a.m.22 views

Fedora 29 : drupal7 (2019-35589cfcb5)

https://www.drupal.org/project/drupal/releases/7.65 - https://www.drupal.org/SA-CORE-2019-004 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

5.4CVSS6.2AI score0.12408EPSS
Exploits0References3
OSV
OSV
added 2019/03/26 6:29 p.m.14 views

CVE-2019-6341

In Drupal 7 versions prior to 7.65; Drupal 8.6 versions prior to 8.6.13;Drupal 8.5 versions prior to 8.5.14. Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting XSS vulnerability...

5.4CVSS5.2AI score
Exploits0References7
CVE
CVE
added 2019/03/26 6:4 p.m.135 views

CVE-2019-6341

Drupal core File module allows stored cross-site scripting due to improper handling of the filename parameter during uploads. Affected versions are Drupal 7 prior to 7.65; Drupal 8.6 prior to 8.6.13; Drupal 8.5 prior to 8.5.14. Exploitation could lead to executing arbitrary script code in the con...

5.4CVSS5.4AI score0.12408EPSS
Exploits0References7Affected Software1
OpenVAS
OpenVAS
added 2019/03/22 12:0 a.m.22 views

Drupal XSS Vulnerability (SA-CORE-2019-004) - Windows

Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

5.4CVSS5.6AI score0.12408EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2019/03/22 12:0 a.m.30 views

Drupal XSS Vulnerability (SA-CORE-2019-004) - Linux

Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

5.4CVSS5.6AI score0.12408EPSS
Exploits0References1
Rows per page
Query Builder