Lucene search
+L

7 matches found

OSV
OSV
added 2022/02/11 4:15 p.m.26 views

CVE-2020-13668

Access Bypass vulnerability in Drupal Core allows for an attacker to leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6...

6.1CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added 2022/02/11 3:15 p.m.30 views

CVE-2020-13668 Access bypass in Drupal Core 8/9

Access Bypass vulnerability in Drupal Core allows for an attacker to leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6...

6.6AI score0.00681EPSS
Exploits0References1
CVE
CVE
added 2022/02/11 3:15 p.m.141 views

CVE-2020-13668

CVE-2020-13668 refers to an access-bypass in Drupal Core. Affected are Drupal Core 8.8.x before 8.8.10; 8.9.x before 8.9.6; and 9.0.x before 9.0.6, where HTML rendering in affected forms can be exploited. The vulnerability is addressed by Drupal core patches: upgrade to 8.8.10, 8.9.6, or 9.0.6 (a...

6.1CVSS6.6AI score0.00681EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/12/15 12:0 a.m.40 views

Fedora 32 : drupal8 (2020-d50d74d6f2)

https://www.drupal.org/project/drupal/releases/8.9.11 - https://www.drupal.org/project/drupal/releases/8.9.10 - https://www.drupal.org/sa-core-2020-013 CVE-2020-28948 / CVE-2020-28949 - https://www.drupal.org/project/drupal/releases/8.9.9 - https://www.drupal.org/sa-core-2020-012 CVE-2020-13671 -...

8.8CVSS7AI score0.84554EPSS
Exploits5References16
OpenVAS
OpenVAS
added 2020/09/17 12:0 a.m.20 views

Drupal 8.x, 9.x Multiple Vulnerabilities (SA-CORE-2020-008, SA-CORE-2020-009, SA-CORE-2020-010, SA-CORE-2020-011) - Linux

Drupal is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal"; ifdescription...

7.5CVSS7AI score0.01106EPSS
Exploits0References4
NCSC
NCSC
added 2020/09/17 12:0 a.m.3 views

Vulnerabilities fixed in Drupal

Vulnerabilities have been fixed in Drupal. The vulnerabilities allow a malicious person to perform attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Bypassing authentication Accessing sensitive data The vulnerability with attribute CVE-2020-13668...

7.5CVSS6.4AI score0.02925EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2020/09/17 12:0 a.m.39 views

CVE-2020-13668

Drupal 8 and 9 have a reflected cross-site scripting XSS vulnerability under certain circumstances. An attacker could leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. Recent assessments: wvu-r7 at September 17, 2020 4:03pm UTC reported: This is...

0.4AI score0.00681EPSS
Exploits0References2
Rows per page
Query Builder