Drupal Core Multiple Vulnerabilities
Release Date:
22 Jul 2022
4984
Views
RISK: Medium Risk
TYPE: Servers - Internet App Servers
Multiple vulnerabilities were identified in Drupal Core. A remote attacker could exploit some of these vulnerabilities to trigger information disclosure, remote code execution, cross-site scripting and security restriction bypass on the targeted system.
Impact
- Information Disclosure
- Remote Code Execution
- Security Restriction Bypass
- Cross-Site Scripting
System / Technologies affected
- Versions prior to Drupal 7.91
- Drupal Version 8.x
- Versions prior to Drupal 9.3.19
- Versions prior to Drupal 9.4.3
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor:
- https://www.drupal.org/sa-core-2022-012
- https://www.drupal.org/sa-core-2022-013
- https://www.drupal.org/sa-core-2022-014
- https://www.drupal.org/sa-core-2022-015
Vulnerability Identifier
Source
Related Link
Related Tags
Share with