4 matches found
Drupal Releases Security Updates
Drupal has released security updates to address vulnerabilities affecting Drupal 7, 9.2, and 9.3. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Drupal security advisories and apply the...
Drupal 7.x < 7.86 Multiple XSS Vulnerabilities (SA-CORE-2022-002) - Linux
Drupal is prone to multiple cross-site scripting XSS vulnerabilities in jQuery UI. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
Drupal 7.x < 7.86 Multiple XSS Vulnerabilities (SA-CORE-2022-002) - Windows
Drupal is prone to multiple cross-site scripting XSS vulnerabilities in jQuery UI. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
Drupal core - Moderately critical - Cross site scripting - SA-CORE-2022-002
jQuery UI is a third-party library used by Drupal. This library was previously thought to be end-of-life. Late in 2021, jQuery UI announced that they would be continuing development, and released a jQuery UI 1.13.0 version. In addition to the issue covered by SA-CORE-2022-001, further security...