HKCert
  

Drupal Multiple Vulnerabilities

Release Date: 21 / 12 / 2018
Last Update: 21 / 12 / 2018
Criticality Level:  


Multiple vulnerabilities have been identified in Drupal. A remote user can exploit these vulnerabilities to trigger cross site scripting and security restriction bypass on the targeted system.

  • Cross-Site Scripting
  • Security Restriction Bypass
  • Versions prior to Drupal: JSON API 8.x-1.24
  • Versions prior to Drupal: Esign 7.x-1.10

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to Drupal: JSON API 8.x-1.24
  • Update to Drupal: Esign 7.x-1.10