Drupal core - Moderately critical - Multiple Vulnerabilities - SA-CORE-2019-005

Date: 2019-April-17

This security release fixes third-party dependencies included in or required by Drupal core.

TableField - Critical - Remote Code Execution - SA-CONTRIB-2019-045

Date: 2019-April-17

This module allows you to attach tabular data to an entity.

The module doesn't sufficiently determine that the data being unserialized is the contents of a tablefield when users request a CSV export, which could lead to Remote Code Execution via Object Injection.

This vulnerability is mitigated by the fact that an attacker must have a role with the permission 'export tablefield', and be able to insert a payload into an entity's field.

Stage File Proxy - Less critical - Denial of Service - SA-CONTRIB-2019-044

Date: 2019-April-17

Stage File Proxy is a general solution for getting production files on a development server on demand.

The module doesn't sufficiently validate requested URLs, allowing an attacker to send repeated requests for files that do not exist, which could exhaust resources on the server where Stage File Proxy is installed.

Services - Less critical - Access bypass - SA-CONTRIB-2019-043

Date: 2019-April-03

This module provides a standardized solution for building APIs so that external clients can communicate with Drupal.

The Services module has an access bypass vulnerability in its "attach_file" resource that allows users who have access to create or update nodes that include file fields to arbitrarily reference files they do not have access to, which can expose private files.

This vulnerability is mitigated by the fact that an attacker must have a role with permission to create or edit a node.

Module Filter - Moderately critical - Cross site scripting - SA-CONTRIB-2019-042

Date: 2019-March-27

This module enables you to filter the list of modules on the admin modules page, and organizes packages into vertical tabs.

The module doesn't sufficiently escape HTML in the scenario described below, leading to a Cross Site Scripting (XSS) vulnerability.

This vulnerability is mitigated by the fact that the attacker must have access to input filtered HTML that will be included on the modules administration page, e.g. in a block (this configuration is not common). Further, the Module Filter vertical tabs setting must be enabled.

Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2019-004

Date: 2019-March-20
CVE IDs: CVE-2019-6341

Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) vulnerability.

Back To Top - Moderately critical - Cross Site Scripting - SA-CONTRIB-2019-040

Date: 2019-March-20

This module enables you to add a button that hovers at the bottom of the screen and allows users to smoothly scroll up the page using jQuery.

The module doesn't sufficiently sanitize the code that gets printed on pages leading to a Cross Site Scripting (XSS) issue.

This vulnerability is mitigated by the fact that an attacker must have a role with the permission "access backtotop settings".

AddToAny Share Buttons - Moderately critical - Cross Site Scripting - SA-CONTRIB-2019-039

Date: 2019-March-20

This module enables you to add social media share buttons to your website's content and pages.

The module doesn't sufficiently mark its administration permission as restricted, allowing cross site scripting vulnerabilities to be exploited by users who have access to its admin settings.

This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer addtoany".

This advisory was edited on March 25th to add the affected 8.x-1.11 release.

Simple hierarchical select - Moderately critical - Cross site request forgery - SA-CONTRIB-2019-038

Date: 2019-March-13

Simple hierarchical select defines a new form widget for taxonomy fields to select a term by "browsing" through the vocabulary's hierarchy. It also allows users to create new taxonomy terms using its widget directly in the node form.
