Drupal Core Multiple Vulnerabilities
Release Date: 17 Mar 2023 1618 Views
RISK: Medium Risk
TYPE: Servers - Internet App Servers
Multiple vulnerabilities were identified in Drupal Core. A remote attacker could exploit some of these vulnerabilities to trigger information disclosure and security restriction bypass on the targeted system.
- Information Disclosure
- Security Restriction Bypass
System / Technologies affected
- Versions prior to Drupal 10.0.5
- Versions prior to Drupal 9.5.5
- Versions prior to Drupal 9.4.12
- Versions prior to Drupal 7.95
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
All versions of Drupal 9 prior to 9.4.x are end-of-life and do not receive security coverage. Note that Drupal 8 has reached its end of life.
- No CVE information is available