Vulnerability Database

drupal / drupal

• You can search for specific versions with https://synscan.net/product/drupal/1.2.3

Title	Severity	Exploit	Date	Affected Version
Drupal core Open Redirect vulnerability	Medium		May 15, 2024	>= 7.0.0 < 7.70
Drupal core Multiple vulnerabilities due to the use of the third-party library Archive_Tar	High		May 15, 2024	>= 7.0.0 < 7.69 >= 8.0.0 < 8.7.11 >= 8.8.0 < 8.8.1
Drupal core Access control bypass	Medium		May 15, 2024	>= 8.0.0 < 8.7.11 >= 8.8.0 < 8.8.1
Drupal core Denial of Service	Medium		May 15, 2024	>= 8.0.0 < 8.7.11 >= 8.8.0 < 8.8.1
Drupal core Remote Code Execution	Critical		May 15, 2024	>= 7.0 < 7.60 >= 8.0.0 < 8.5.8 >= 8.6.0 < 8.6.2
Drupal Core Insufficient Contextual Links validation leads to Remote Code Execution	Critical		May 15, 2024	>= 8.0.0 < 8.5.8 >= 8.6.0 < 8.6.2
Drupal Malicious file upload with filenames stating with dot	Medium		May 15, 2024	>= 8.0.0 < 8.7.11 >= 8.8.0 < 8.8.1
Drupal Anonymous Open Redirect	Medium		May 15, 2024	>= 8.0.0 < 8.5.8 >= 8.6.0 < 8.6.2
Drupal Content moderation Access bypass	Medium		May 15, 2024	>= 8.0.0 < 8.5.8 >= 8.6.0 < 8.6.2
Drupal External URL injection through URL aliases leading to Open Redirect	Medium		May 15, 2024	>= 7.0 < 7.60 >= 8.0.0 < 8.5.8 >= 8.6.0 < 8.6.2