Vulnerabilities > Drupal > Drupal > 7.86
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-26 | CVE-2023-31250 | Incorrect Authorization vulnerability in Drupal The file download facility doesn't sufficiently sanitize file paths in certain situations. | 6.5 |
| 2023-04-26 | CVE-2022-25275 | Unspecified vulnerability in Drupal In some situations, the Image module does not correctly check access to image files not stored in the standard public files directory when generating derivative images using the image styles system. | 7.5 |
| 2022-02-16 | CVE-2022-25271 | Improper Input Validation vulnerability in multiple products Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. | 7.5 |