Linux Distros Unpatched Vulnerability : CVE-2020-13670

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Information Disclosure vulnerability in file module of Drupal Core allows an attacker to gain access to the file metadata of a permanent private file that they ...

GHSA-C533-C843-67H8 Drupal core Cross-site Scripting (XSS) vulnerability in ckeditor

Cross-site Scripting XSS vulnerability in ckeditor of Drupal Core allows attacker to inject XSS. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10.; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6...

PT-2020-13649 · Drupal · Drupal Core

Name of the Vulnerable Software and Affected Versions: Drupal Core versions prior to 8.8.10 Drupal Core versions prior to 8.9.6 Drupal Core versions prior to 9.0.6 Description: The issue is related to an Access Bypass vulnerability in Drupal Core, where an attacker can exploit the way HTML is...

PT-2020-13648 · Drupal · Drupal Core

Name of the Vulnerable Software and Affected Versions: Drupal Core versions prior to 8.8.10 Drupal Core versions prior to 8.9.6 Drupal Core versions prior to 9.0.6 Description: The issue is an access bypass vulnerability in the Workspaces module of Drupal Core, which fails to properly check acces...