Show advisories for only Drupal Core, only contributed projects, or only PSAs

Spamicide - Critical - Access bypass - SA-CONTRIB-2020-009

Date: 
2020-April-08
Security risk: 
Critical 18 ∕ 25 AC:None/A:None/CI:Some/II:Some/E:Theoretical/TD:All

The Spamicide module protects Drupal forms with a form field that is hidden from normal users, but visible to spam bots.

The module doesn't require appropriate permissions for administrative pages leading to an Access Bypass.

Svg Image - Critical - Cross site scripting - SA-CONTRIB-2020-008

Date: 
2020-March-25
Security risk: 
Critical 15 ∕ 25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All

SVG Image module allows to upload SVG files.

The module did not sufficiently protect against malicious code inside SVG files leading to a Cross Site Scripting vulnerability.

This vulnerability is mitigated by the fact that an attacker must have permission to upload an SVG file.

CKEditor 4 - WYSIWYG HTML editor - Moderately critical - Cross site scripting - SA-CONTRIB-2020-007

Date: 
2020-March-18
Security risk: 
Moderately critical 11 ∕ 25 AC:Complex/A:User/CI:Some/II:Some/E:Theoretical/TD:Uncommon

The CKEditor module (and its predecessor, FCKeditor module) allows Drupal to replace textarea fields with CKEditor 3.x/4.x (FCKeditor 2.x in case of FCKeditor module) - a visual HTML editor, sometimes called WYSIWYG editor.

Due to the usage of the JavaScript `eval()` function on non-filtered data in admin section, it was possible for a user with permission to create content visible in the admin area to inject specially crafted malicious script which causes Cross Site Scripting (XSS).

Drupal core - Moderately critical - Third-party library - SA-CORE-2020-001

Date: 
2020-March-18
Security risk: 
Moderately critical 13 ∕ 25 AC:Complex/A:User/CI:Some/II:Some/E:Proof/TD:Default

The Drupal project uses the third-party library CKEditor, which has released a security improvement that is needed to protect some Drupal configurations.

SAML Service Provider - Critical - Access bypass - SA-CONTRIB-2020-006

Date: 
2020-March-11
Security risk: 
Critical 15 ∕ 25 AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:Default

This module enables you to authenticate Drupal users using an external SAML Identity Provider.

If the site is configured to allow visitors to register for user accounts but administrator approval is required, the module doesn't sufficiently enforce the administrative approval requirement, in the case where the requesting user has already authenticated through SAML.

SVG Formatter - Critical - Cross site scripting - SA-CONTRIB-2020-005

Date: 
2020-March-04
Security risk: 
Critical 15 ∕ 25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All

SVG Formatter module provides support for using SVG images on your website.

This security release fixes third-party dependencies included in or required by SVG Formatter. XSS bypass using entities and tab.

This vulnerability is mitigated by the fact that an attacker must be able to upload SVG files.

Profile - Moderately critical - Access Bypass - SA-CONTRIB-2020-004

Date: 
2020-February-19
Security risk: 
Moderately critical 14 ∕ 25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All

The Profile module enables you to allow users to have configurable user profiles.

The module doesn't sufficiently check access when creating a user profile. Users with the "create profiles" permission could create profiles for any users.

Views Bulk Operations (VBO) - Moderately critical - Access bypass - SA-CONTRIB-2020-003

Date: 
2020-February-05
Security risk: 
Moderately critical 12 ∕ 25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:Uncommon

Views Bulk Operations provides enhancements to running bulk actions on views.

The module contains an access bypass vulnerability that might allow users to execute views actions that they should not have access to.

This vulnerability is mitigated by the fact that it only occurs in the case of customised action access (by means of hook_action_info_alter).

SpamSpan filter - Moderately critical - Cross site scripting - SA-CONTRIB-2020-002

Date: 
2020-January-22
Security risk: 
Moderately critical 11 ∕ 25 AC:Basic/A:None/CI:None/II:Some/E:Theoretical/TD:Uncommon

The SpamSpan module obfuscates email addresses to help prevent spambots from collecting them.

This module contains a spamspan twig filter which doesn't sanitize the passed HTML string.

This vulnerability is mitigated by the fact that sites must have custom twig template files that use the SpamSpan filter on a field that an attacker could populate. By default the SpamSpan module does not use the vulnerable twig filter.

Radix - Moderately critical - Cross site scripting - SA-CONTRIB-2020-001

Date: 
2020-January-15
Security risk: 
Moderately critical 13 ∕ 25 AC:Basic/A:Admin/CI:Some/II:Some/E:Theoretical/TD:All

Radix is a base theme for Drupal, with Bootstrap 4, Sass, ES6 and BrowserSync built-in.

The module doesn't sufficiently filter menu titles when used in a dropdown in the main menu.

This vulnerability is mitigated by the fact that an attacker must have permission to edit a menu title used in the main menu.

Pages

Subscribe with RSS Subscribe to Security advisories