Lucene search
K
DrupalRecent

1940 matches found

Drupal
Drupal
added 2021/01/27 12:0 a.m.20 views

Open Social - Moderately critical - Access bypass - SA-CONTRIB-2021-001

The optional Social Auth Extra module enables you to use the single sign-on methods provided by Open Social e.g. Facebook, LinkedIn, Google and Twitter. The module doesn't implement a proper cache strategy for anonymous users allowing the registration form to be cached with disclosed information ...

6.3AI score
Exploits0References6
Drupal
Drupal
added 2021/01/20 12:0 a.m.51 views

Drupal core - Critical - Third-party libraries - SA-CORE-2021-001

The Drupal project uses the pear ArchiveTar library, which has released a security update that impacts Drupal. For more information please see: CVE-2020-36193 Exploits may be possible if Drupal is configured to allow .tar, .tar.gz, .bz2, or .tlz file uploads and processes them...

7.5CVSS1.7AI score0.70595EPSS
Exploits0References16
Drupal
Drupal
added 2020/11/25 12:0 a.m.176 views

Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2020-013

The Drupal project uses the PEAR ArchiveTar library. The PEAR ArchiveTar library has released a security update that impacts Drupal. For more information please see: CVE-2020-28948 CVE-2020-28949 Multiple vulnerabilities are possible if Drupal is configured to allow .tar, .tar.gz, .bz2, or .tlz...

7.8CVSS1.5AI score0.84554EPSS
Exploits5References15
Drupal
Drupal
added 2020/11/18 12:0 a.m.7 views

Examples for Developers - Critical - Remote Code Execution - SA-CONTRIB-2020-035

The File Example submodule within the Examples project does not properly sanitize certain filenames as described in SA-CORE-2020-012, along with other related vulnerabilities. Therefore, File Example so is being removed from Examples until a version demonstrating file security best practices can...

5.5AI score
Exploits0References11Affected Software1
Drupal
Drupal
added 2020/11/18 12:0 a.m.13 views

Ink Filepicker - Critical - Unsupported - SA-CONTRIB-2020-037

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. It looks like the 3rd party service that this module integrates with may have been retired. If you would like to maintain this project nevertheless,...

6.7AI score
Exploits0References2
Drupal
Drupal
added 2020/11/18 12:0 a.m.15 views

Media: oEmbed - Critical - Remote Code Execution - SA-CONTRIB-2020-036

Media oEmbed does not properly sanitize certain filenames as described in SA-CORE-2020-012...

6.7AI score
Exploits0References7
Drupal
Drupal
added 2020/11/18 12:0 a.m.114 views

Drupal core - Critical - Remote code execution - SA-CORE-2020-012

Update November 18: Documented longer list of dangerous file extensions Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting...

8.8CVSS1.7AI score0.04269EPSS
Exploits0References31
Drupal
Drupal
added 2020/11/18 12:0 a.m.15 views

SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider - Critical - Access bypass - SA-CONTRIB-2020-038

This module enables your users residing at a SAML 2.0 compliant Identity Provider to login to your Drupal website. The module has two Authentication Bypass vulnerabilities...

6.6AI score
Exploits0References7
Drupal
Drupal
added 2020/10/14 12:0 a.m.16 views

Drupal OAuth Server ( OAuth / OIDC Provider) - Single Sign On ( SSO ) - Moderately critical - SQL Injection - SA-CONTRIB-2020-034

This module enables you login into any OAuth 2.0 compliant application using Drupal credentials. The 8.x branch of the module is vulnerable to SQL injection...

7.4AI score
Exploits0References7Affected Software1
Drupal
Drupal
added 2020/09/16 12:0 a.m.27 views

Drupal core - Moderately critical - Cross-site scripting - SA-CORE-2020-007

The Drupal AJAX API does not disable JSONP by default, which can lead to cross-site scripting...

6.1CVSS1.1AI score0.02925EPSS
Exploits0References8
Drupal
Drupal
added 2020/09/16 12:0 a.m.47 views

Drupal core - Moderately critical - Cross-site scripting - SA-CORE-2020-010

Drupal core's built-in CKEditor image caption functionality is vulnerable to XSS...

6.1CVSS2.2AI score0.00643EPSS
Exploits0References8
Drupal
Drupal
added 2020/09/16 12:0 a.m.36 views

Drupal core - Moderately critical - Information disclosure - SA-CORE-2020-011

A vulnerability exists in the File module which allows an attacker to gain access to the file metadata of a permanent private file that they do not have access to by guessing the ID of the file...

7.5CVSS3.6AI score0.01106EPSS
Exploits0References16
Drupal
Drupal
added 2020/09/16 12:0 a.m.93 views

Drupal core - Critical - Cross-site scripting - SA-CORE-2020-009

Drupal 8 and 9 have a reflected cross-site scripting XSS vulnerability under certain circumstances. An attacker could leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability...

6.1CVSS0.7AI score0.00662EPSS
Exploits0References15
Drupal
Drupal
added 2020/09/16 12:0 a.m.44 views

Drupal core - Moderately critical - Access bypass - SA-CORE-2020-008

The experimental Workspaces module allows you to create multiple workspaces on your site in which draft content can be edited before being published to the live workspace. The Workspaces module doesn't sufficiently check access permissions when switching workspaces, leading to an access bypass...

5.3CVSS2.1AI score0.00928EPSS
Exploits0References7
Drupal
Drupal
added 2020/08/05 12:0 a.m.11 views

Group - Moderately critical - Information disclosure - SA-CONTRIB-2020-033

The Group module enables you to hand out permissions on a smaller subset, section or community of your website. Under very specific circumstances, where two group types support the same content, yet hand out different permissions, non-members of the first group type may use the set of permissions...

6.5AI score
Exploits0References3
Drupal
Drupal
added 2020/08/05 12:0 a.m.15 views

Group - Moderately critical - Information disclosure - SA-CONTRIB-2020-032

The Group module enables you to hand out permissions on a smaller subset, section or community of your website. With the 1.1 security release, new code was introduced to ensure proper access for all entity types, but a mistake introduced unexpected access to unpublished nodes...

6.8AI score
Exploits0References4
Drupal
Drupal
added 2020/07/29 12:0 a.m.12 views

Group - Critical - Information Disclosure - SA-CONTRIB-2020-030

This module enables you to hand out permissions on a smaller subset, section or community of your website. The module used to leverage the node grants system but turned it off in its recent 8.x-1.0 release in favor of a system that works for ALL entity types, not just nodes. By doing so, some...

6.3AI score
Exploits0References4Affected Software1
Drupal
Drupal
added 2020/07/29 12:0 a.m.5 views

Hostmaster (Aegir) - Moderately critical - Access bypass, Arbitrary code execution - SA-CONTRIB-2020-031

Aegir is a powerful hosting system that sits alongside a LAMP or LEMP server to create, deploy and manage Drupal sites. Given that Aegir can use both Apache and Nginx Web servers, Apache allows configuration-writing users to escalate their privileges to the superuser root, and Aegir's operations...

5.8AI score
Exploits0References16
Drupal
Drupal
added 2020/07/22 12:0 a.m.59 views

Modal Form - Critical - Access bypass - SA-CONTRIB-2020-029

The Modal form module is a toolset for quick start of using forms in modal windows. Any form is available for view and submit when the modalform module is installed. The only requirement is to know the form's fully-qualified class name...

6.6AI score
Exploits0References6
Drupal
Drupal
added 2020/07/22 12:0 a.m.15 views

Easy Breadcrumb - Moderately critical - Cross site scripting - SA-CONTRIB-2020-027

This module enables you to use the current URL path alias and the current page's title to automatically extract the breadcrumb's segments and its respective links then show them as breadcrumbs on your website. The module doesn't sufficiently sanitize editor input in certain circumstances leading ...

6AI score
Exploits0References6
Drupal
Drupal
added 2020/07/22 12:0 a.m.11 views

Apigee Edge - Moderately critical - Access bypass - SA-CONTRIB-2020-028

The Apigee Edge module allows connecting a Drupal site to Apigee Edge in order to build a developer portal. It contains an "Apigee Edge Teams" submodule that provides shared app functionality by allowing developers to be organized into teams. The "Apigee Edge Teams" submodule has an information...

6.1AI score
Exploits0References6
Drupal
Drupal
added 2020/07/01 12:0 a.m.18 views

Renderkit - Less critical - Access bypass - SA-CONTRIB-2020-026

The renderkit module contains components which can transform the display of field items sent to it. Some of these components do not respect the 'access' property on the field render element, and thus can make rendered field values visible to visitors who would otherwise not be allowed to see thos...

6.5AI score
Exploits0References6
Drupal
Drupal
added 2020/06/17 12:0 a.m.48 views

Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2020-005

Drupal 8 and 9 have a remote code execution vulnerability under certain circumstances. An attacker could trick an administrator into visiting a malicious site that could result in creating a carefully named directory on the file system. With this directory in place, an attacker could attempt to...

9.3CVSS4.1AI score0.02978EPSS
Exploits0References13
Drupal
Drupal
added 2020/06/17 12:0 a.m.12 views

Internationalization - Moderately critical - Cross site scripting - SA-CONTRIB-2020-025

The Internationalization i18n module is a collection of modules to extend Drupal core multilingual capabilities and allows to build real life multilingual sites. A value in the term translation module is displayed without being escaped leading to a Cross Site Scripting XSS vulnerability. This...

5.9AI score
Exploits0References6
Drupal
Drupal
added 2020/06/17 12:0 a.m.43 views

Drupal core - Less critical - Access bypass - SA-CORE-2020-006

JSON:API PATCH requests may bypass validation for certain fields. By default, JSON:API works in a read-only mode which makes it impossible to exploit the vulnerability. Only sites that have the readonly set to FALSE under jsonapi.settings config are vulnerable...

9.8CVSS2.1AI score0.01275EPSS
Exploits0References5
Drupal
Drupal
added 2020/06/17 12:0 a.m.47 views

Drupal core - Critical - Cross Site Request Forgery - SA-CORE-2020-004

The Drupal core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities...

8.8CVSS1.5AI score0.00695EPSS
Exploits0References13
Drupal
Drupal
added 2020/06/10 12:0 a.m.30 views

Open ReadSpeaker - Moderately critical - Cross site scripting - SA-CONTRIB-2020-024

This module enables you to add a configured ReadSpeaker button for text-to-speech for your site visitors. The module doesn't sufficiently sanitize block configuration causing a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role wi...

5.8AI score
Exploits0References6
Drupal
Drupal
added 2020/06/10 12:0 a.m.15 views

YubiKey - Less critical - Access bypass - SA-CONTRIB-2020-023

This module enables you to use a Yubikey device to protect your Drupal user account. YubiKey is a secure method for logging into many websites using a cryptographically secure USB token. The module doesn't sufficiently implement login flood control when the module is configured for YubiKey OTP...

6.6AI score
Exploits0References7
Drupal
Drupal
added 2020/06/03 12:0 a.m.6 views

Services - Moderately critical - Access bypass - SA-CONTRIB-2020-022

This module provides a standardized solution for building API's so that external clients can communicate with Drupal. The module's taxonomy term index resource doesn't take into consideration certain access control tags provided but unused by core, that certain contrib modules depend on. This...

7AI score
Exploits0References5
Drupal
Drupal
added 2020/05/27 12:0 a.m.16 views

Password Reset Landing Page (PRLP) - Highly critical - Access bypass - SA-CONTRIB-2020-021

This module enables you to force a password update when using password reset link. The module doesn't sufficiently validate the login URL allowing a malicious user to use a specially crafted URL to log in as another user...

6.7AI score
Exploits0References8
Drupal
Drupal
added 2020/05/27 12:0 a.m.13 views

Commerce Core - Moderately critical - Access bypass - SA-CONTRIB-2020-020

Drupal Commerce is used to build eCommerce websites and applications. It's possible to configure commerce to permit orders by anonymous users. In this configuration, customers who do not choose to create an account upon checkout completion remain anonymous, and the resulting orders are never...

6.6AI score
Exploits0References8
Drupal
Drupal
added 2020/05/20 12:0 a.m.123 views

Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2020-002

The jQuery project released version 3.5.0, and as part of that, disclosed two security vulnerabilities that affect all prior versions. As mentioned in the jQuery blog, both are ... security issues in jQuery’s DOM manipulation methods, as in .html, .append, and the others. Security advisories for...

6.9CVSS0.2AI score0.99019EPSS
Exploits11References24
Drupal
Drupal
added 2020/05/20 12:0 a.m.42 views

Drupal core - Moderately critical - Open Redirect - SA-CORE-2020-003

Drupal 7 has an Open Redirect vulnerability. For example, a user could be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL. The vulnerability is caused by insufficient validation of the destination query parameter in the drupalgoto function...

6.1CVSS4.4AI score0.00864EPSS
Exploits0References6
Drupal
Drupal
added 2020/05/13 12:0 a.m.4 views

reCAPTCHA v3 - Critical - Access bypass - SA-CONTRIB-2020-019

The reCaptcha v3 module enables you to protect your forms using the Google reCaptcha V3. If the reCaptcha v3 challenge succeeds, all the other form validations are bypassed. This makes it possible for attackers to submit invalid or incomplete forms. This vulnerability only affects forms that are...

5.6AI score
Exploits0References8
Drupal
Drupal
added 2020/05/13 12:0 a.m.18 views

Webform - Critical - Access bypass - SA-CONTRIB-2020-018

This webform module enables you to build a 'Term checkboxes' element. The module doesn't sufficiently check term 'view' access when rendering 'Term checkboxes' elements. Unpublished terms will always appear in the 'Term checkboxes' element...

6.6AI score
Exploits0References7
Drupal
Drupal
added 2020/05/06 12:0 a.m.16 views

Webform - Moderately critical - Access bypass - SA-CONTRIB-2020-017

This module enables you to build forms and surveys in Drupal. The Webform Node sub-module allows these forms to be associated with a Drupal node. The Webform Node module does not implement access checking in the same manner as other nodes and entities. As such, writers of custom modules which...

6.7AI score
Exploits0References7
Drupal
Drupal
added 2020/05/06 12:0 a.m.16 views

Webform - Moderately critical - Cross site scripting - SA-CONTRIB-2020-015

This module enables you to build forms and surveys in Drupal. The module doesn't sufficiently sanitize Webform labels nor visibility conditions under the scenario of placing a block. When a webform block is placed and visible on a website any JavaScript code contained within the webform's label w...

6.5AI score
Exploits0References7
Drupal
Drupal
added 2020/05/06 12:0 a.m.15 views

Webform - Critical - Access bypass - SA-CONTRIB-2020-016

This webform module enables you to build 'Term select' and 'Term checkboxes' elements. The module doesn't sufficiently check term 'view' access when rendering the 'Term select' and 'Term checkboxes' elements. Unpublished terms will always appear in the 'Term select' and 'Term checkboxes' elements...

6.6AI score
Exploits0References6
Drupal
Drupal
added 2020/05/06 12:0 a.m.12 views

Webform - Moderately critical - Cross site scripting - SA-CONTRIB-2020-014

This module enables you to build forms and surveys in Drupal. The module doesn't sufficiently filter user input under in the scenario when a webform is edited, namely the message related to character min/max counter does not undergo sufficient filtering and thus allows execution of JavaScript cod...

6.6AI score
Exploits0References8
Drupal
Drupal
added 2020/05/06 12:0 a.m.19 views

Webform - Moderately critical - Cross site scripting - SA-CONTRIB-2020-013

The Webform module allows site builders to create forms. The module doesn't sufficiently prevent malicious code from being render via an options elements i.e select menu, checkboxes, radios, etc... under the scenario where the site builder allows the raw option value to be displayed. This...

6.7AI score
Exploits0References6
Drupal
Drupal
added 2020/05/06 12:0 a.m.19 views

Webform - Moderately critical - Access bypass - SA-CONTRIB-2020-012

This module enables you to build forms and surveys in Drupal. The module doesn't sufficiently validate data submitted into Webform Signature element during webform submission creation. This allows a malicious user to generate and extract HMAC hashes for arbitrary data. Such HMAC hashes are used...

6.3AI score
Exploits0References6
Drupal
Drupal
added 2020/05/06 12:0 a.m.22 views

Webform - Critical - Remote Code Execution - SA-CONTRIB-2020-011

This module enables you to build forms and surveys in Drupal. The module doesn't sufficiently filter webform element properties attributes under the scenario of editing a webform. Malicious user could craft such an attribute elementvalidate, for example that would invoke execution of undesired PH...

6.6AI score
Exploits0References7
Drupal
Drupal
added 2020/04/15 12:0 a.m.12 views

JSON:API - Critical - Unsupported - SA-CONTRIB-2020-010

This module provides a JSON API standards-compliant API for accessing and manipulating Drupal content and configuration entities. The security team and module maintainers are marking this project unsupported. Both the 8.x-1.x and 8.x-2.x versions are unsupported, and users of either version are...

5.6AI score
Exploits0References9
Drupal
Drupal
added 2020/04/08 12:0 a.m.24 views

Spamicide - Critical - Access bypass - SA-CONTRIB-2020-009

The Spamicide module protects Drupal forms with a form field that is hidden from normal users, but visible to spam bots. The module doesn't require appropriate permissions for administrative pages leading to an Access Bypass...

6.6AI score
Exploits0References6
Drupal
Drupal
added 2020/03/25 12:0 a.m.20 views

Svg Image - Critical - Cross site scripting - SA-CONTRIB-2020-008

SVG Image module allows to upload SVG files. The module did not sufficiently protect against malicious code inside SVG files leading to a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have permission to upload an SVG file...

6.5AI score
Exploits0References7
Drupal
Drupal
added 2020/03/18 12:0 a.m.24 views

CKEditor 4 - WYSIWYG HTML editor - Moderately critical - Cross site scripting - SA-CONTRIB-2020-007

The CKEditor module and its predecessor, FCKeditor module allows Drupal to replace textarea fields with CKEditor 3.x/4.x FCKeditor 2.x in case of FCKeditor module - a visual HTML editor, sometimes called WYSIWYG editor. Due to the usage of the JavaScript eval function on non-filtered data in admi...

6.1AI score
Exploits0References6
Drupal
Drupal
added 2020/03/18 12:0 a.m.33 views

Drupal core - Moderately critical - Third-party library - SA-CORE-2020-001

The Drupal project uses the third-party library CKEditor, which has released a security improvement that is needed to protect some Drupal configurations. Vulnerabilities are possible if Drupal is configured to use the WYSIWYG CKEditor for your site's users. An attacker that can create or edit...

5.9AI score
Exploits0References3
Drupal
Drupal
added 2020/03/11 12:0 a.m.15 views

SAML Service Provider - Critical - Access bypass - SA-CONTRIB-2020-006

This module enables you to authenticate Drupal users using an external SAML Identity Provider. If the site is configured to allow visitors to register for user accounts but administrator approval is required, the module doesn't sufficiently enforce the administrative approval requirement, in the...

6.4AI score
Exploits0References6
Drupal
Drupal
added 2020/03/04 12:0 a.m.14 views

SVG Formatter - Critical - Cross site scripting - SA-CONTRIB-2020-005

SVG Formatter module provides support for using SVG images on your website. This security release fixes third-party dependencies included in or required by SVG Formatter. XSS bypass using entities and tab. This vulnerability is mitigated by the fact that an attacker must be able to upload SVG fil...

6AI score
Exploits0References7
Drupal
Drupal
added 2020/02/19 12:0 a.m.16 views

Profile - Moderately critical - Access Bypass - SA-CONTRIB-2020-004

The Profile module enables you to allow users to have configurable user profiles. The module doesn't sufficiently check access when creating a user profile. Users with the "create profiles" permission could create profiles for any users...

6.5AI score
Exploits0References7Affected Software1
Total number of security vulnerabilities1940