Decoupled Router - Critical - Access bypass - SA-CONTRIB-2018-071

Date: 2018-October-31

This module enables you to resolve the provided Drupal path in order to find the canonical path and information about the resolved entity. This information includes entity type ID, entity ID, entity UUID and entity label.

The module doesn't sufficiently check access before displaying entity labels. This leads to the display of labels of entities that are not accessible to the requesting user, for example the titles of unpublished content.

Search Autocomplete - Moderately critical - Cross Site Scripting - SA-CONTRIB-2018-070

Date: 2018-October-17
CVE IDs: CVE-2018-7603

The Search Autocomplete module enables you to autocomplete text fields using data from your website (nodes, comments, etc.).

The module doesn't sufficiently filter user-entered text in the autocompletion items, leading to a Cross Site Scripting (XSS) vulnerability.

This vulnerability can be exploited by any user allowed to create one of the autocompletion items, for instance nodes, users or comments.

Drupal 7.x and 8.x release on Oct 17th, 2018 - PSA-2018-10-17

Date: 2018-October-17

The Drupal Security team has a core and contrib release window on the 3rd Wednesday of the month. This window normally ends at 5pm Eastern (9PM UTC).

Due to unforeseen circumstances, we are extending the current window we are in by 3 hours until Oct 17th, 2018 at 8pm Eastern (11:59PM UTC).

HTML Mail - Critical - Remote Code Execution - SA-CONTRIB-2018-069

Date: 2018-October-17

The HTML Mail module lets you theme your messages the same way you theme the rest of your website.

When sending email, some variables were not being sanitized for use as shell arguments, which could lead to remote code execution.

This issue is related to the Drupal Core release SA-CORE-2018-006.

Mime Mail - Critical - Remote Code Execution - SA-CONTRIB-2018-068

Date: 2018-October-17

The MIME Mail module allows you to send MIME-encoded e-mail messages with embedded images and attachments.

The module doesn't sufficiently sanitize some variables for use as shell arguments when sending email, which could lead to arbitrary remote code execution.

This issue is related to the Drupal Core release SA-CORE-2018-006.

Drupal Core - Multiple Vulnerabilities - SA-CORE-2018-006

  • Advisory ID: DRUPAL-SA-CORE-2018-006
  • Project: Drupal core
  • Version: 7.x, 8.x
  • Date: 2018-October-17

Workbench Moderation - Moderately critical - Access bypass - SA-CONTRIB-2018-067

Date: 2018-October-17

The Workbench Moderation module adds arbitrary moderation states to Drupal core's "unpublished" and "published" node states, and affects the behavior of node revisions when nodes are published.

In some conditions, content moderation fails to check a user's access to use certain transitions, leading to an access bypass.

This issue is related to the Drupal Core release SA-CORE-2018-006.

NVP field - Moderately critical - Cross Site Scripting - SA-CONTRIB-2018-066

Date: 2018-October-10

The NVP field module allows you to create a field type of name/value pairs, with custom titles and easily editable rendering with customizable HTML/text surrounding the pairs.

The module doesn't sufficiently handle sanitization of its field formatter's output.

This vulnerability is mitigated by the fact that an attacker must have a role with permission to create or edit content where the module-defined fields are in use.

Search API Solr - Moderately critical - Access bypass - SA-CONTRIB-2018-065

Date: 2018-October-10

This module provides support for creating searches using the Apache Solr search engine and the Search API Drupal module.

The module doesn't sufficiently take the searched fulltext fields into account when creating a search excerpt. This can, in specific cases, lead to confidential data being leaked as part of the search excerpt.

Lightbox2 - Critical - Cross Site Scripting - SA-CONTRIB-2018-064

Date: 2018-October-10

The Lightbox2 module enables you to overlay images on the current page.

The module did not sanitize some inputs when used in combination with a custom view, leading to potential Cross Site Scripting (XSS).
