Vulnerabilities > Drupal
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-21 | CVE-2022-24775 | Improper Input Validation vulnerability in multiple products guzzlehttp/psr7 is a PSR-7 HTTP message library. | 5.0 |
| 2022-03-16 | CVE-2022-24729 | CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. | 5.0 |
| 2022-03-16 | CVE-2022-24728 | Cross-site Scripting vulnerability in multiple products CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. | 3.5 |
| 2022-02-17 | CVE-2022-25270 | Incorrect Authorization vulnerability in Drupal The Quick Edit module does not properly check entity access in some circumstances. | 4.0 |
| 2022-02-16 | CVE-2022-25271 | Improper Input Validation vulnerability in Drupal Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. | 4.3 |
| 2022-02-11 | CVE-2020-13668 | Cross-site Scripting vulnerability in Drupal Access Bypass vulnerability in Drupal Core allows for an attacker to leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. | 4.3 |
| 2022-02-11 | CVE-2020-13669 | Cross-site Scripting vulnerability in Drupal Cross-site Scripting (XSS) vulnerability in ckeditor of Drupal Core allows attacker to inject XSS. | 4.3 |
| 2022-02-11 | CVE-2020-13670 | Exposure of Resource to Wrong Sphere vulnerability in Drupal Information Disclosure vulnerability in file module of Drupal Core allows an attacker to gain access to the file metadata of a permanent private file that they do not have access to by guessing the ID of the file. | 5.0 |
| 2022-02-11 | CVE-2020-13672 | Cross-site Scripting vulnerability in Drupal Cross-site Scripting (XSS) vulnerability in Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. | 2.6 |
| 2022-02-11 | CVE-2020-13673 | Cross-Site Request Forgery (CSRF) vulnerability in Drupal Entity Embed 8.X1.0/8.X1.1/8.X1.2 The Entity Embed module provides a filter to allow embedding entities in content fields. | 2.6 |