16 matches found
CVE-2020-13663
Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities...
CVE-2020-13663
Removed by vendor...
CVE-2020-13663
CVE-2020-13663 affects Drupal Core Form API, where improper handling of certain cross-site request form input could enable other vulnerabilities. The issue concerns Drupal’s core, specifically its Form API processing. Impact is stated as enabling related vulnerabilities (no explicit exploitation ...
CVE-2020-13663
Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities...
Security Bulletin: IBM API Connect is vulnerable to cross-site request forgery (CSRF) (CVE-2020-13663)
Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2020-13663 DESCRIPTION: Drupal core is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input by the Form API. By persuading an authenticated user to visit a...
Fedora 32 : drupal7 (2020-0b32a59b54)
https://www.drupal.org/project/drupal/releases/7.72 - Drupal core - Critical - Cross Site Request Forgery - SA-CORE-2020-004 / CVE-2020-13663 - https://www.drupal.org/project/drupal/releases/7.71 - https://www.drupal.org/project/drupal/releases/7.70 - Drupal core - Moderately critical - Cross...
Fedora 31 : drupal7 (2020-fbb94073a1)
https://www.drupal.org/project/drupal/releases/7.72 - Drupal core - Critical - Cross Site Request Forgery - SA-CORE-2020-004 / CVE-2020-13663 - https://www.drupal.org/project/drupal/releases/7.71 - https://www.drupal.org/project/drupal/releases/7.70 - Drupal core - Moderately critical - Cross...
Fedora: Security Advisory for drupal7 (FEDORA-2020-0b32a59b54)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2263-1 : drupal7 security update
CVE-2020-13663 - Drupal SA 2020-004 The Drupal core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities. For Debian 8 'Jessie', this problem has been fixed in version 7.32-1+deb8u19. We recommend that you upgrade your drupal7...
[SECURITY] [DLA 2263-1] drupal7 security update
Package : drupal7 Version : 7.32-1+deb8u19 CVE ID : CVE-2020-13663 Debian Bug : CVE-2020-13663 - Drupal SA 2020-004 The Drupal core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities. For Debian 8 "Jessie", this problem has been...
Drupal 8.9.x < 8.9.1 Multiple Vulnerabilities
According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.72, 8.8.x prior to 8.8.8, 8.9.x prior to 8.9.1 or 9.0.x prior to 9.0.1. It is, therefore, affected by multilple vulnerabilities : - A Cross-Site Request Forgery CSRF due to...
Drupal 9.0.x < 9.0.1 Multiple Vulnerabilities
According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.72, 8.8.x prior to 8.8.8, 8.9.x prior to 8.9.1 or 9.0.x prior to 9.0.1. It is, therefore, affected by multilple vulnerabilities : - A Cross-Site Request Forgery CSRF due to...
Drupal 8.8.x < 8.8.8 Multiple Vulnerabilities
According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.72, 8.8.x prior to 8.8.8, 8.9.x prior to 8.9.1 or 9.0.x prior to 9.0.1. It is, therefore, affected by multilple vulnerabilities : - A Cross-Site Request Forgery CSRF due to...
Debian DSA-4706-1 : drupal7 - security update
It was discovered that Drupal, a fully-featured content management framework, was suspectible to cross site request forgery. For additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2020-004 C Tenable Network Security, Inc. The descriptive text and packa...
Drupal 7.x, 8.x, 9.x CSRF Vulnerability (SA-CORE-2020-004) - Linux
Drupal is prone to a cross-site request forgery CSRF vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal...
[SECURITY] [DSA 4706-1] drupal7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4706-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 18, 2020 https://www.debian.org/security/faq -...