Latest Vulnerabilities Affecting Drupal products

Date	CVE	Title	CVSS
2019-05-24	CVE-2019-11876	Cross-Site Scripting (XSS) vulnerability in Drupal and Prestashop products	Medium
2019-05-16	CVE-2019-10909	Cross-Site Scripting (XSS) vulnerability in Drupal and Sensiolabs products	Low
2019-04-20	CVE-2019-11358	Cross-Site Scripting (XSS) vulnerability in multiple products	Medium
2019-03-26	CVE-2019-6341	Cross-Site Scripting (XSS) vulnerability in multiple products	Low
2019-02-21	CVE-2019-6340	Input Validation vulnerability in Drupal	Medium
2019-01-22	CVE-2019-6339	Input Validation vulnerability in Debian and Drupal products	High
2019-01-22	CVE-2017-6922	Improper Access Control vulnerability in Debian and Drupal products	Medium
2019-01-22	CVE-2017-6923	Improper Access Control vulnerability in Drupal	Medium
2019-01-22	CVE-2019-6338	Deserialization of Untrusted Data vulnerability in Debian and Drupal products	Medium
2019-01-15	CVE-2017-6921	Improper Access Control vulnerability in Drupal	Medium
2019-01-15	CVE-2017-6924	Improper Access Control vulnerability in Drupal	Medium
2019-01-15	CVE-2017-6925	Improper Access Control vulnerability in Drupal	High
2018-08-06	CVE-2017-6920	Data Handling vulnerability in Drupal	High
2018-07-19	CVE-2018-7602	Insufficient Information vulnerability in Debian and Drupal products	High
2018-04-19	CVE-2018-9861	Cross-Site Scripting (XSS) vulnerability in Drupal	Medium

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.