Multiple vulnerabilities in Drupal
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Improper access control
EUVDB-ID: #VU73725
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions to the page that outputs the markup from phpinfo() to assist with diagnosing PHP configuration.. A remote attacker who can exploit an XSS vulnerability on the website can retrieve data from the phpinfo() output.
Install updates from vendor's website.
Vulnerable software versionsDrupal: - - 10.0.4
CPE2.3- cpe:2.3:a:drupal:drupal:10.0.4:*:*:*:*:*:*:
- cpe:2.3:a:drupal:drupal:4.7.11:*:*:*:*:*:*:
- cpe:2.3:a:drupal:drupal:5.23:*:*:*:*:*:*:
- cpe:2.3:a:drupal:drupal:6.38:*:*:*:*:*:*:
- cpe:2.3:a:drupal:drupal:7.94:*:*:*:*:*:*:
- cpe:2.3:a:drupal:drupal:8.0.6:*:*:*:*:*:*:
- cpe:2.3:a:drupal:drupal:8.1.10:*:*:*:*:*:*:
- cpe:2.3:a:drupal:drupal:8.2.8:*:*:*:*:*:*:
- cpe:2.3:a:drupal:drupal:8.3.9:*:*:*:*:*:*:
- cpe:2.3:a:drupal:drupal:8.4.8:*:*:*:*:*:*:
http://www.drupal.org/sa-core-2023-004
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU73724
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the way the language module handles translations of articles. A remote attacker can use the Language switcher block to obtain links to quickly switch between different languages and use these links to view unpublished translations. When used in conjunction with a module like Pathauto, this may reveal the title of unpublished content.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDrupal: 8.0 - 10.0.4
CPE2.3- cpe:2.3:a:drupal:drupal:8.5.15:*:*:*:*:*:*:
- cpe:2.3:a:drupal:drupal:8.6.18:*:*:*:*:*:*:
- cpe:2.3:a:drupal:drupal:8.7.14:*:*:*:*:*:*:
- cpe:2.3:a:drupal:drupal:8.8.12:*:*:*:*:*:*:
- cpe:2.3:a:drupal:drupal:8.9.20:*:*:*:*:*:*:
http://www.drupal.org/sa-core-2023-003
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper access control
EUVDB-ID: #VU73723
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to thumbnails of media items.
The vulnerability exists due to improper access restrictions to thumbnails of media items. A remote attacker can view contents of potentially sensitive files.
Install updates from vendor's website.
Vulnerable software versionsDrupal: 8.0 - 10.0.4
CPE2.3 External linkshttp://www.drupal.org/sa-core-2023-002
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
