Download
| Alert*
oval:org.secpod.oval:def:603281
Multiple vulnerabilities have been found in the Drupal content management framework. For additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2018-001 oval:org.secpod.oval:def:53079 Two vulnerabilities were discovered in Drupal, a fully-featured content management framework. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2015-7943 Samuel Mortenson and Pere Orga discovered that the overlay module does not sufficiently validate URLs prior to ... oval:org.secpod.oval:def:1901322 The User module in Drupal 7.x before 7.44 allows remote authenticated users to gain privileges via vectors involving contributed or custom code that triggers a rebuild of the user profile form. oval:org.secpod.oval:def:116571 Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. oval:org.secpod.oval:def:116570 Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. oval:org.secpod.oval:def:116573 Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. |