Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/08/24 4:20 p.m.11 views

Security Bulletin: IBM API Connect is impacted by a cross site scripting vulnerability in Drupal core SA-CORE-2021-002

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details Third Party Entry: 200544 DESCRIPTION: Drupal core is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the sanitization API. A remote authenticated attacker could...

0.9AI score
Exploits0
OpenVAS
OpenVAS
added 2021/04/24 12:0 a.m.26 views

Debian: Security Advisory (DLA-2637-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.5AI score0.00671EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/04/22 12:0 a.m.20 views

Drupal 7.x, 8.x, 9.x XSS Vulnerability (SA-CORE-2021-002) - Linux

Drupal is prone to a cross-site scripting XSS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

6.1CVSS6.1AI score0.00671EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/04/22 12:0 a.m.22 views

Drupal 7.x, 8.x, 9.x XSS Vulnerability (SA-CORE-2021-002) - Windows

Drupal is prone to a cross-site scripting XSS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

6.1CVSS6.1AI score0.00671EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/04/22 12:0 a.m.19 views

Drupal 7.x < 7.80 / 8.9.x < 8.9.14 / 9.x < 9.0.12 / 9.1.x < 9.1.7 XSS (SA-CORE-2021-002)

According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.80, 8.9.x prior to 8.9.14, 9.x prior to 9.0.12, or 9.1.x prior to 9.1.7. It is, therefore, affected by a vulnerability. - Drupal core's sanitization API fails to properly filter...

5.2AI score
Exploits0References5
Drupal
Drupal
added 2021/04/21 12:0 a.m.57 views

Drupal core - Critical - Cross-site scripting - SA-CORE-2021-002

Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. Not all sites and users are affected, but configuration changes to prevent the exploit might be impractical and will vary between sites. Therefore, we recommend all sites update to this relea...

6.1CVSS1.5AI score0.00671EPSS
Exploits0References18
Rows per page
Query Builder