4 matches found
Drupal Releases Security Updates
Drupal has released security updates to address vulnerabilities affecting Drupal 7, 9.2, and 9.3. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Drupal security advisories and apply the...
Drupal 8.x, 9.x < 9.2.11, 9.3.x < 9.3.3 XSS Vulnerability (SA-CORE-2022-001) - Windows
Drupal is prone to a cross-site scripting XSS vulnerability in jQuery UI. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fr...
Drupal 8.x, 9.x < 9.2.11, 9.3.x < 9.3.3 XSS Vulnerability (SA-CORE-2022-001) - Linux
Drupal is prone to a cross-site scripting XSS vulnerability in jQuery UI. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fr...
Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2022-001
jQuery UI is a third-party library used by Drupal. This library was previously thought to be end-of-life. Late in 2021, jQuery UI announced that they would be continuing development, and released a jQuery UI 1.13.0 version. As part of this 1.13.0 update, they disclosed the following security issu...