Show advisories for only Drupal Core, only contributed projects, or only PSAs

AddToAny Share Buttons - Moderately critical - Access bypass - SA-CONTRIB-2023-018

Date: 
2023-May-31
Security risk: 
Moderately critical 11 ∕ 25 AC:Basic/A:None/CI:Some/II:None/E:Theoretical/TD:Uncommon

This module provides social media share & follow buttons.

The module doesn't sufficiently check access to a node when retrieving the label of an AddToAny block.

This vulnerability is mitigated by the fact it requires the node ID to be passed via the route, requiring another module or specific configuration to provide this ID, as the /node/{id} page doesn't provide this value on an access denied.

Consent Popup - Moderately critical - Cross Site Scripting - SA-CONTRIB-2023-017

Date: 
2023-May-31
Security risk: 
Moderately critical 13 ∕ 25 AC:Basic/A:Admin/CI:Some/II:Some/E:Theoretical/TD:All

The Consent Popup provides a configurable popup that requires acceptance of a question before the visitor can continue, typically used for age consent.

The module doesn't sufficiently sanitizes the text on the block leading to a cross site scripting (XSS) vulnerability.

This vulnerability is mitigated by the fact that an attacker must have a role with the permission to create blocks.

Iubenda Integration - Moderately critical - Cross Site Scripting - SA-CONTRIB-2023-016

Date: 
2023-May-31
Security risk: 
Moderately critical 14 ∕ 25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All

The Iubenda Integration module provides a custom block to provide a link to the Iubenda privacy policy. On this block, a custom prefix and suffix text can be entered.

The module does not sufficiently filter the block text fields on output, resulting in a Cross-Site Scripting (XSS) vulnerability.

This vulnerability is mitigated by the fact that an attacker must have a role with permission to use the layout builder on content, edit the layout, or with the "Administer blocks" permission.

File Chooser Field - Moderately critical - Server Side Request Forgery, Information Disclosure - SA-CONTRIB-2023-015

Date: 
2023-May-17
Security risk: 
Moderately critical 14 ∕ 25 AC:Basic/A:User/CI:Some/II:None/E:Exploit/TD:All

The File Chooser Field allows users to upload files using 3rd party plugins such as Google Drive and Dropbox.

This module fails to validate user input sufficiently which could under certain circumstances lead to a Server Side Request Forgery (SSRF) vulnerability leading to Information Disclosure. In uncommon configurations and scenarios, it might lead to Remote Code Execution.

S3 File System - Moderately critical - Access bypass - SA-CONTRIB-2023-014

Date: 
2023-May-03
Security risk: 
Moderately critical 13 ∕ 25 AC:Complex/A:User/CI:Some/II:Some/E:Theoretical/TD:All

S3 File System (s3fs) provides an additional file system to your Drupal site, which stores files in Amazon's Simple Storage Service (S3) or any other S3-compatible storage service.

This module may fail to validate that a file being requested to be moved to storage was uploaded during the same web request, possibly allowing an attacker to move files that should normally be inaccessible to them.

This vulnerability is mitigated by the fact that another vulnerability must already exist outside of s3fs.

Drupal core - Moderately critical - Access bypass - SA-CORE-2023-005

Date: 
2023-April-19
Security risk: 
Moderately critical 13 ∕ 25 AC:Basic/A:None/CI:Some/II:None/E:Theoretical/TD:All
CVE IDs: 
CVE-2023-31250

The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to.

Some sites may require configuration changes following this security release. Review the release notes for your Drupal version if you have issues accessing private files after updating.

Protected Pages - Critical - Access bypass - SA-CONTRIB-2023-013

Date: 
2023-April-12
Security risk: 
Critical 16 ∕ 25 AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:All

This module enables you to secure any page with a password.

The module does not sufficiently restrict access to the page content.

Xray Audit - Moderately critical - Cross site scripting - SA-CONTRIB-2023-012

Date: 
2023-March-29
Security risk: 
Moderately critical 13 ∕ 25 AC:Basic/A:Admin/CI:Some/II:Some/E:Theoretical/TD:All

This module is a tool for developers, analysts, and administrators that allows them to generate reports on a given Drupal installation.

The module does not sufficiently sanitize some data presented in its reports.

This vulnerability is mitigated by the fact that an attacker must have a role with permissions to administer an impacted content type.

Responsive media Image Formatter - Critical - Unsupported - SA-CONTRIB-2023-011

Date: 
2023-March-15
Security risk: 
Critical 15 ∕ 25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Media Responsive Thumbnail - Moderately critical - Information disclosure - SA-CONTRIB-2023-010

Date: 
2023-March-15
Security risk: 
Moderately critical 14 ∕ 25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:Default

The Media Responsive Thumbnail module allows media reference fields to be rendered as a responsive image.

This module does not properly check entity access prior to rendering media. This may result in users seeing thumbnails of media items they do not have access to.

This release was coordinated with SA-CORE-2023-002.

Pages

Subscribe with RSS Subscribe to Security advisories