Synology-SA-19:19 Drupal

Publish Time: 2019-04-18 18:15:18 UTC+8

Last Updated: 2019-04-18 18:15:18 UTC+8

Severity
Important
Status
Ongoing

Abstract

Multiple vulnerabilities allow remote authenticated users to inject arbitrary web script or HTML, execute arbitrary code or bypass security constraints via a susceptible version of Drupal and Drupal8.

Affected Products

Product Severity Fixed Release Availability
Drupal Moderate Ongoing
Drupal8 Important Ongoing

Mitigation

None

Detail

Reserved

Reference

Revision

Revision Date Description
1 2019-04-18 Initial public release.