Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2020/03/19 12:0 a.m.75 views

Drupal 8.x CKEditor XSS Vulnerability (SA-CORE-2020-001) - Linux

Drupal is prone to a cross-site scripting XSS vulnerability in a third-party library. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

6.1CVSS5.8AI score0.04327EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/03/19 12:0 a.m.80 views

Drupal 8.x CKEditor XSS Vulnerability (SA-CORE-2020-001) - Windows

Drupal is prone to a cross-site scripting XSS vulnerability in a third-party library. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

6.1CVSS5.8AI score0.04327EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/03/19 12:0 a.m.33 views

Drupal 8.7.x < 8.7.12 / 8.8.x < 8.8.4 Drupal Vulnerability (SA-CORE-2020-001) (drupal-2020-03-18)

According to its self-reported version, the instance of Drupal running on the remote web server is 8.7.x prior to 8.7.12 or 8.8.x prior to 8.8.4. It is, therefore, affected by a vulnerability. - The Drupal project uses the third-party library CKEditor, which has released a security improvement th...

5.7AI score
Exploits0References5
Drupal
Drupal
added 2020/03/18 12:0 a.m.32 views

Drupal core - Moderately critical - Third-party library - SA-CORE-2020-001

The Drupal project uses the third-party library CKEditor, which has released a security improvement that is needed to protect some Drupal configurations. Vulnerabilities are possible if Drupal is configured to use the WYSIWYG CKEditor for your site's users. An attacker that can create or edit...

5.9AI score
Exploits0References3
Rows per page
Query Builder