7 matches found
CVE-2020-13668
Access Bypass vulnerability in Drupal Core allows for an attacker to leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6...
CVE-2020-13668 Access bypass in Drupal Core 8/9
Access Bypass vulnerability in Drupal Core allows for an attacker to leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6...
CVE-2020-13668
CVE-2020-13668 refers to an access-bypass in Drupal Core. Affected are Drupal Core 8.8.x before 8.8.10; 8.9.x before 8.9.6; and 9.0.x before 9.0.6, where HTML rendering in affected forms can be exploited. The vulnerability is addressed by Drupal core patches: upgrade to 8.8.10, 8.9.6, or 9.0.6 (a...
Fedora 32 : drupal8 (2020-d50d74d6f2)
https://www.drupal.org/project/drupal/releases/8.9.11 - https://www.drupal.org/project/drupal/releases/8.9.10 - https://www.drupal.org/sa-core-2020-013 CVE-2020-28948 / CVE-2020-28949 - https://www.drupal.org/project/drupal/releases/8.9.9 - https://www.drupal.org/sa-core-2020-012 CVE-2020-13671 -...
Drupal 8.x, 9.x Multiple Vulnerabilities (SA-CORE-2020-008, SA-CORE-2020-009, SA-CORE-2020-010, SA-CORE-2020-011) - Linux
Drupal is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal"; ifdescription...
Vulnerabilities fixed in Drupal
Vulnerabilities have been fixed in Drupal. The vulnerabilities allow a malicious person to perform attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Bypassing authentication Accessing sensitive data The vulnerability with attribute CVE-2020-13668...
CVE-2020-13668
Drupal 8 and 9 have a reflected cross-site scripting XSS vulnerability under certain circumstances. An attacker could leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. Recent assessments: wvu-r7 at September 17, 2020 4:03pm UTC reported: This is...