Drupal 8.x < 8.4.5 Multiple Vulnerabilities

According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - A flaw exists with the Comment Reply Form. An authenticated remote attacker could add or view comments that they do not have access to. CVE-2017-6926 - A flaw exists with the...

Drupal 7.x < 7.57 Multiple Vulnerabilities

According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - A flaw exists with the Comment Reply Form. An authenticated remote attacker could add or view comments that they do not have access to. CVE-2017-6926 - A flaw exists with the...

Access Restriction Bypass

drupal is vulnerable to access restriction bypass. The bypass is possible because Settings Tray module lack a correct check for permission to update certain data...

Drupal 8.x < 8.4.5 Multiple Vulnerabilities (SA-CORE-2018-001)

According to its self-reported version, the instance of Drupal running on the remote web server is 8.x prior to 8.4.5. It is, therefore, affected by multiple vulnerabilities : - A flaw exists with the Comment Reply Form. An authenticated remote attacker could add or view comments that they do not...

Drupal Access Control Bypass Vulnerability

Drupal is a free and open source content management system developed in PHP and maintained by the Drupal community.Settings Tray module is one of the Tray settings modules. A security vulnerability exists in the Settings Tray module in Drupal. An attacker can exploit this vulnerability to update...

Drupal Core Multiple Vulnerabilities (SA-CORE-2018-001) - Linux

Drupal is prone to multiple vulnerabilities. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...