1940 matches found
Views SVG Animation - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-051
This module enables you to animate an SVG graphic by selecting certain rows in a view. The module doesn't sufficiently sanitize the SVG file before embedding it into the html. This vulnerability is mitigated by the fact that an attacker must have a role with the permission to upload SVG files...
Loft Data Grids - Moderately critical - Multiple vulnerabilities - SA-CONTRIB-2024-054
This module provides serialization formats for use by other modules. The module includes a version of phpoffice/phpspreadsheet which has multiple known security vulnerabilities...
Monster Menus - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-052
This module enables you to group nodes within pages that have a highly-granular, distributed permissions structure. In certain cases the module doesn't sufficiently sanitize data before passing it to PHP's unserialize function, which can result in arbitrary code execution...
SVG Embed - Moderately critical - Cross site scripting - SA-CONTRIB-2024-050
This module enables you to embed the content of an SVG file into the body html of a node and optionally allows to translate text contained within the image. The module doesn't sufficiently sanitize the SVG file before embedding it into the html. This vulnerability is mitigated by the fact that an...
Smartling Connector - Less critical - Multiple vulnerabilities - SA-CONTRIB-2024-053
Smartling module allows you to translate content in Drupal 7 using the Smartling Translation Management Platform. The module includes an outdated version of the Guzzle package guzzlehttp/guzzle 6.3.3, which has known security vulnerabilities...
Drupal core - Moderately critical - Improper error handling - SA-CORE-2024-002
Under certain uncommon site configurations, a bug in the CKEditor 5 module can cause some image uploads to move the entire webroot to a different location on the file system. This could be exploited by a malicious user to take down a site. The issue is mitigated by the fact that several non-defau...
Monster Menus - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2024-045
This module enables you to group nodes within pages that have a highly-granular, distributed permissions structure. A function which can be used by third-party code does not return valid data under certain rare circumstances. If the third-party code relies on this data to decide whether to grant...
Facets - Critical - Cross Site Scripting - SA-CONTRIB-2024-047
This module enables you to to easily create and manage faceted search interfaces. The module doesn't sufficiently filter for malicious script leading to a reflected cross site scripting XSS vulnerability. The vulnerability exists in the Facets Summary submodule. If you do not use that sub module...
wkhtmltopdf - Highly critical - Unsupported - SA-CONTRIB-2024-049
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466s-becoming-owner-maintainer-or-co-mai...
Block permissions - Moderately critical - Access bypass - SA-CONTRIB-2024-046
This module enables you to manage blocks from specific modules in the specific themes. The module doesn't sufficiently check permissions under the scenario when a block is added using the form "/admin/structure/block/add/pluginid/theme" route "block.adminadd". The attacker can add the block to th...
Gutenberg - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-048
This module provides a new UI experience for node editing using the Gutenberg Editor library. The module did not sufficiently protect some routes against a Cross Site Request Forgery attack. This vulnerability is mitigated by the fact that the tricked user needs to have an active session with the...
Two-factor Authentication (TFA) - Critical - Access bypass - SA-CONTRIB-2024-043
This module enables you to allow and/or require users to use a second authentication method in addition to password authentication. The module does not sufficiently migrate sessions before prompting for a second factor token. This vulnerability is mitigated by the fact that an attacker must fixat...
Persistent Login - Moderately critical - Access bypass - SA-CONTRIB-2024-044
This module enables users to remain logged in separately from session timeouts. The module doesn't sufficiently check a user's disabled status when validating cookies. This vulnerability is mitigated by the fact that an attacker must have an unexpired cookie from a previous successful login...
Diff - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2024-042
This module adds a tab for sufficiently permissioned users. The tab shows all revisions like standard Drupal but it also allows pretty viewing of all added/changed/deleted words between revisions. The module doesn't sufficiently check revision access before rendering a diff report for 1 nodes or ...
Smart IP Ban - Critical - Access bypass - SA-CONTRIB-2024-041
The Smart IP Ban module enables a site to automatically ban an IP address based upon too many failed authentications. The module doesn't sufficiently protect access to certain paths provided by the module allowing a malicious user to view and modify the settings...
File Entity (fieldable files) - Moderately critical - Information Disclosure - SA-CONTRIB-2024-040
This module enables you to store and manage both private and public files, provides the ability to add fieldable metadata for fileentity bundle types in addition to core filemanaged data. The module doesn't sufficiently ensure that folders exist within the private destination prior to writing to...
Security Kit - Less critical - Denial of Service - SA-CONTRIB-2024-039
This module provides Drupal with various security-hardening options, for example by emitting various configurable HTTP response headers. The module doesn't sufficiently validate input in Content Security Policy CSP violation reports. This can cause errors when a logging module e.g. dblog or syslo...
Paragraphs table - Critical - Access bypass, Information Disclosure - SA-CONTRIB-2024-036
This module enables field collections to be displayed as tables. It supports display suite and field permissions and provides operations modify, delete, duplicate. This module has multiple vulnerabilities due to the requirements on the routes it provides not being restrictive enough. Information...
Content Entity Clone - Moderately critical - Information Disclosure - SA-CONTRIB-2024-035
This module enables you to "clone" a content entity, i.e. to create a new content pre-filled with data from another entity of the same type and bundle. The module doesn't properly check the user access to the original entity, allowing users to create a new entity they have permission to create...
Freelinking - Moderately critical - Information Disclosure - SA-CONTRIB-2024-034
This module enables you to configure a wiki-like input filter that allows users to create links to site and external content. The module doesn't sufficiently check if a user has access to some URLs before rendering them as links. This vulnerability is mitigated by the fact that an attacker must...
Open Social - Moderately critical - Denial of Service - SA-CONTRIB-2024-038
Open Social is a Drupal distribution for online communities. The distribution didn't validate the flood control limits on the password reset form correctly resulting in a potential attacker flooding the password reset which could result in a Denial of Service. Fortunately the message does not...
Open Social - Moderately critical - Cross Site Scripting, Denial of Service - SA-CONTRIB-2024-037
Open Social is a Drupal distribution for online communities, which ships with an optional module called Social Embed. This module allows a website to display embedded content such as photos or videos when a user posts a link to that resource, without having to parse the resource directly. Added...
Advanced Varnish - Moderately critical - Access bypass - SA-CONTRIB-2024-033
This module enables you to cache pages for logged in users at the Varnish level. The Varnish bin names may be guessable when no hashing noise configuration is set on the module configuration page, which would ultimately allow any user to view cached pages that were intended for other roles when...
Opigno TinCan Question Type - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-031
The Opigno TinCan Question Type module is related to Opigno LMS distribution. The module adds a new question type for the Quiz module. With this new question type, you will be able to import TinCan Packages to your Drupal instance and to use it as a question. Uploaded files were not sufficiently...
Opigno - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-032
The Opigno module is related to Opigno LMS distribution. Opigno Scorm submodule exposes an API for extracting and handling SCORM packages. Uploaded files were not sufficiently validated to prevent arbitrary file uploads, which could lead to Remote Code Execution RCE and/or Cross Site Scripting XS...
Responsive and off-canvas menu - Moderately critical - Access bypass - SA-CONTRIB-2024-030
This module integrates the mmenu library with Drupal's menu system with the aim of having an off-canvas mobile menu and a horizontal menu at wider widths. The module doesn't respect custom node access restrictions implemented through hookENTITYTYPEaccess hooks meaning the titles of restricted nod...
Opigno module - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-028
The Opigno module is related to Opigno LMS distribution. It implements the module entity, that is a sub-part of a training. In the opignomodule module, uploaded files were not sufficiently validated to prevent arbitrary file uploads, which could lead to Remote Code Execution RCE and/or Cross Site...
Opigno Learning path - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-029
The Opigno Learning Path module enables you to manage group content. Administrative forms allow uploading malicious files which may contain arbitrary code RCE or cross site scriptiong XSS. These forms were not adequately controlled with permissions that communicate the severity of the permission...
Opigno group manager - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-027
The Opigno group manager project is related to Opigno LMS distribution. It allows to build the contents of learning paths, by combining together modules, courses, and other activities, ordering them, and defining conditional rules for the transitions from one step to the next one. An administrati...
View Password - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-026
The View Password module enables you to add a help icon button next to the password input field to toggle the password visibility. The administrative user is allowed to add classes to this icon for styling purposes. The module doesn't validate the content of classes. A malicious user with access ...
Acquia DAM - Moderately critical - Cross Site Request Forgery, Denial of Service - SA-CONTRIB-2024-025
Acquia DAM provides a connection to a third-party asset management system, allowing for images to be managed, linked to, and viewed from Drupal. In order for assets to be managed in Drupal, a site administrator must first authenticate the site to their DAM instance. The module doesn't sufficientl...
Image Sizes - Moderately critical - Access bypass - SA-CONTRIB-2024-023
This module enables you to create responsive image styles that depend on the parent element's width. The module doesn't sufficiently check access to rendered images, resulting in access bypass vulnerabilities in specific scenarios...
Migrate queue importer - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-024
The Migrate queue importer module enables you to create cron migrationsconfiguration entities with a reference towards migration entities in order to import them during cron runs. The module doesn't sufficiently protect against Cross Site Request Forgery under specific scenarios allowing an...
Drupal REST & JSON API Authentication - Moderately critical - Access bypass - SA-CONTRIB-2024-022
Drupal REST & JSON API Authentication module restricts and secures unauthorized access to your Drupal site APIs using different authentication methods including Basic Authentication , API Key Authentication , JWT Authentication , OAuth Authentication , External / Third-Party Provider...
Commerce View Receipt - Moderately critical - Access bypass - SA-CONTRIB-2024-021
The Commerce View Receipts module enables you to view commerce order receipts in the browser. The module doesn't sufficiently check access permissions, allowing an unauthorised user to view the private information of other customers...
Email Contact - Moderately critical - Access bypass - SA-CONTRIB-2024-020
The Email Contact module provides email field display formatters that can display the field as a link to the contact form, or as an inline contact form. The module does not sufficiently handle restricted entity or field access to the mail sending form, when the "Email contact link" formatter is...
RESTful Web Services - Critical - Access bypass - SA-CONTRIB-2024-019
This module exposes Drupal resources e.g. entities as RESTful web services. The module doesn't sufficiently restrict access for user resources...
REST Views - Moderately critical - Information Disclosure - SA-CONTRIB-2024-018
The Rest views module lets site admins create rest exports in views with additional options for serializing data. This module does not accurately check access and may expose paths to unpublished content. This vulnerability is mitigated by the fact that there must be a specific content structure t...
Advanced PWA inc Push Notifications - Critical - Access bypass - SA-CONTRIB-2024-017
Progressive web applications are web applications that load like regular web pages or websites but can offer the user functionality such as working offline, push notifications, and device hardware access traditionally available only to native applications. This module doesn't sufficiently protect...
TacJS - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-016
This module enables sites to comply with the European cookie law using tarteaucitron.js. The module doesn't sufficiently filter user-supplied markup inside of content leading to a persistent Cross Site Scripting XSS vulnerability. More details are available in CVE-2023-3620. This vulnerability is...
Registration role - Critical - Access bypass - SA-CONTRIB-2024-015
The Registration role module lets an administrator select a role or multiple roles to automatically assign to new users. The selected role or roles will be assigned to new registrants. The module has a logic error when handling sites that upgraded code and did not run the Drupal update process e....
Coffee - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-011
The Coffee module helps you to navigate through the Drupal admin menus faster with a shortcut popup. The module doesn't sufficiently escape menu names when displaying them in the popup, thereby exposing a XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a...
Node Access Rebuild Progressive - Less critical - Access bypass - SA-CONTRIB-2024-013
This module provides an alternative mean of rebuilding the Content Access table. The module doesn't sufficiently reset the state of content access when the module is uninstalled...
Drupal Symfony Mailer Lite - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-014
The module doesn’t sufficiently protect against malicious links, which means an attacker can trick an administrator into performing unwanted actions. This vulnerability is mitigated by the fact that the set of unwanted actions is limited to specific configurations...
Private content - Moderately critical - Access bypass - SA-CONTRIB-2024-012
This module gives each node a 'private' checkbox. If it's set, the node can only be seen by the node author, or users with the 'access private content' permission. The module incorrectly grants access to private nodes under certain specific circumstances. This vulnerability is mitigated by the fa...
Node Access Rebuild Progressive - Less critical - Access bypass - SA-CONTRIB-2024-010
This module provides an alternative mean of rebuilding the Content Access table. The module doesn't sufficiently reset the state of content access when the module is uninstalled...
CKEditor 4 LTS - WYSIWYG HTML editor - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-009
The CKEditor 4 LTS - WYSIWYG HTML editor module uses the CKEditor library for WYSIWYG editing. CKEditor has released a security update that on certain configurations may impact the Drupal module that bundles and integrates this code. The vulnerability is mitigated by the fact it requires: full-pa...
Migrate Tools - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-008
The Migrate Tools module provides tools for running and managing Drupal migrations. The module doesn't sufficiently protect against Cross Site Request Forgery under specific scenarios allowing an attacker to trick an authenticated administrator into initiating a migration. This vulnerability is...
Entity Delete Log - Moderately critical - Access bypass - SA-CONTRIB-2024-007
The Entity Delete Log module tracks the deletion of configured entity types, such as node or comments. It does not add sufficient permission to the log report page, allowing an attacker to view information from deleted entities...
Open Social - Moderately critical - Information Disclosure - SA-CONTRIB-2024-005
Open Social is a Drupal distribution for online communities. The included optional socialgroupflexiblegroup module doesn't sufficiently validate group updates. The lack of validation makes it possible to have content inside the group changing it's visibility, which could lead to that content bein...