6 matches found
Debian DLA-1550-1 : drupal7 security update
It was discovered that there was a remote code execution and an external URL injection vulnerability in the Drupal content management framework. For more information, please see : https://www.drupal.org/sa-core-2018-006 For Debian 8 'Jessie', these issues have been fixed in drupal7 version...
Debian: Security Advisory (DLA-1550-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Drupal Core - Multiple Vulnerabilities - SA-CORE-2018-006
Content moderation - Moderately critical - Access bypass - Drupal 8 In some conditions, content moderation fails to check a users access to use certain transitions, leading to an access bypass. In order to fix this issue, the following changes have been made to content moderation which may have...
MGASA-2016-0413 Updated drupal packages fix security vulnerability
Inconsistent name for term access query; information on taxonomy terms might have been disclosed to unprivileged users CVE-2016-9449. Confirmation forms allow external URLs to be injected CVE-2016-9451...
External URL injection through URL aliases - Moderately Critical - Open Redirect
More info at https://www.drupal.org/sa-core-2018-006...
External URL injection through URL aliases - Moderately Critical - Open Redirect
More info at https://www.drupal.org/sa-core-2018-006...