Multiple vulnerabilities in Drupal



Risk Low
Patch available YES
Number of vulnerabilities 4
CVE-ID N/A
CWE-ID CWE-79
CWE-94
CWE-20
CWE-284
Exploitation vector Network
Public exploit N/A
Vulnerable software
Drupal
Web applications / CMS

Vendor Drupal

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Cross-site scripting

EUVDB-ID: #VU100755

Risk: Low

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote user can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Drupal: 8.8.0 alpha1 - 11.0.7

CPE2.3 External links

http://www.drupal.org/sa-core-2024-003


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Code Injection

EUVDB-ID: #VU100761

Risk: Low

CVSSv3.1: 5.8 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to the PHP Object injection issue in the "unserialize()" function. A remote adminisrator can send a specially crafted request and execute arbitrary code on the target system.

According to the vendor the vulnerability is not directly exploitable.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Drupal: 8.0 - 11.0.7

CPE2.3 External links

http://www.drupal.org/sa-core-2024-007


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

EUVDB-ID: #VU100759

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the PHP Object Injection issue in the "unserialize()" function. A remote user can pass specially crafted input to the application and delete arbitrary files on the system.

According to the vendor the vulnerability is not directly exploitable.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Drupal: 8.0 - 11.0.7

CPE2.3 External links

http://www.drupal.org/sa-core-2024-006


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper access control

EUVDB-ID: #VU100757

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A remote user can register with the same email address as another user.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Drupal: 8.0 - 11.0.7

CPE2.3 External links

http://www.drupal.org/sa-core-2024-004


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###