
drupal/core
packagist · Drupal is an open source content management platform powering millions of websites and applications. · Repository · Package
Security Advisories for drupal/core in packagist
Moderate
6 months ago
Drupal Core Potential Cross-Site Scripting (XSS) via Error Messages
packagist
drupal/core
Moderate
6 months ago
Drupal Core Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability
packagist
drupal/core
High
10 months ago
Drupal core contains a potential PHP Object Injection vulnerability
packagist
drupal/drupal, drupal/core-recommended, drupal/core
Low
10 months ago
Drupal core contains a potential PHP Object Injection vulnerability
packagist
drupal/drupal, drupal/core-recommended, drupal/core
High
10 months ago
Drupal core contains a potential PHP Object Injection vulnerability
packagist
drupal/drupal, drupal/core-recommended, drupal/core
Moderate
10 months ago
Drupal core Access bypass
packagist
drupal/drupal, drupal/core-recommended, drupal/core
Moderate
10 months ago
Drupal Core Cross-Site Scripting (XSS)
packagist
drupal/drupal, drupal/core-recommended, drupal/core
Moderate
about 1 year ago
Drupal Full Path Disclosure
packagist
drupal/core, drupal/core-recommended, drupal/drupal
Moderate
over 1 year ago
Drupal core Cross-Site Scripting (XSS) vulnerabilities
packagist
drupal/core
Moderate
over 1 year ago
Drupal core uses a vulnerable Third-party library CKEditor
packagist
drupal/core
High
over 1 year ago
Drupal core Multiple vulnerabilities due to the use of the third-party library Archive_Tar
packagist
drupal/core
Critical
over 1 year ago
Drupal Core Insufficient Contextual Links validation leads to Remote Code Execution
packagist
drupal/core
Moderate
over 1 year ago
Drupal External URL injection through URL aliases leading to Open Redirect
packagist
drupal/core
Critical
over 1 year ago
Drupal Core Remote Code Execution Vulnerability
packagist
drupal/drupal, drupal/core
High
over 3 years ago
Drupal Core Cross-Site Request Forgery (CSRF) vulnerability
packagist
drupal/core
Moderate
over 3 years ago
Drupal Core Access bypass vulnerability
packagist
drupal/drupal, drupal/core
Moderate
over 3 years ago
Drupal Core Open Redirect vulnerability
packagist
drupal/drupal, drupal/core
Critical
over 3 years ago
Drupal Core Access bypass vulnerability
packagist
drupal/drupal, drupal/core
Moderate
over 3 years ago
Drupal Core Cross-site scripting vulnerability
packagist
drupal/drupal, drupal/core
High
over 3 years ago
Drupal Core Arbitrary PHP code execution vulnerability
packagist
drupal/drupal, drupal/core
Moderate
over 3 years ago
Drupal Cross Site Scripting (XSS) vulnerability
packagist
drupal/drupal, drupal/core
Moderate
over 3 years ago
Drupal CRLF injection vulnerability in the drupal_set_header function
packagist
drupal/drupal, drupal/core
High
over 3 years ago
Drupal Form API ignores access restrictions on submit buttons
packagist
drupal/drupal, drupal/core
High
over 3 years ago
Drupal saving user accounts can sometimes grant the user all roles
packagist
drupal/drupal, drupal/core
Moderate
over 3 years ago
Drupal Reflected file download vulnerability
packagist
drupal/drupal, drupal/core
High
over 3 years ago
Drupal Brute force amplification attacks via XML-RPC
packagist
drupal/drupal, drupal/core
High
over 3 years ago
Drupal Open redirect vulnerability in the drupal_goto function
packagist
drupal/drupal, drupal/core
High
over 3 years ago
Drupal File upload access bypass and denial of service
packagist
drupal/drupal, drupal/core
Moderate
over 3 years ago
Drupal Users without "Administer comments" can set comment visibility on nodes they can edit
packagist
drupal/core, drupal/drupal
Moderate
over 3 years ago
Drupal Cross-site scripting (XSS) vulnerability
packagist
drupal/drupal, drupal/core
Moderate
over 3 years ago
Drupal Unprivileged access to config export
packagist
drupal/drupal, drupal/core
Moderate
over 3 years ago
Drupal Views can allow unauthorized users to see Statistics information
packagist
drupal/drupal, drupal/core
High
over 3 years ago
Drupal Saving user accounts can sometimes grant the user all roles
packagist
drupal/drupal, drupal/core
Moderate
over 3 years ago
Drupal Denial of service via transliterate mechanism
packagist
drupal/drupal, drupal/core
High
over 3 years ago
Drupal Incorrect cache context on password reset page
packagist
drupal/drupal, drupal/core
Moderate
over 3 years ago
Drupal sensitive information disclosure
packagist
drupal/drupal, drupal/core
Moderate
over 3 years ago
Drupal cross site scripting vulnerability
packagist
drupal/drupal, drupal/core
Moderate
over 3 years ago
Drupal external link injection vulnerability
packagist
drupal/drupal, drupal/core
Moderate
over 3 years ago
Drupal cross-site scripting vulnerability
packagist
drupal/drupal, drupal/core
High
over 3 years ago
Drupal Comment reply form allows access to restricted content
packagist
drupal/drupal, drupal/core
Critical
over 3 years ago
Drupal PECL YAML parser unsafe object handling
packagist
drupal/drupal, drupal/core
Critical
over 3 years ago
Drupal Core Remote Code Execution Vulnerability
packagist
drupal/drupal, drupal/core
Moderate
over 3 years ago
Enhanced Image plugin for CKEditor is vulnerable to Cross-site scripting (XSS)
npm, packagist
ckeditor-dev, drupal/core
High
over 3 years ago
Drupal access control bypass vulnerability
packagist
drupal/drupal, drupal/core
Critical
over 3 years ago
Drupal Entity access bypass for entities that do not have UUIDs or have protected revisions
packagist
drupal/drupal, drupal/core
High
over 3 years ago
Drupal editor module incorrectly checks access to inline private files
packagist
drupal/drupal, drupal/core
High
over 3 years ago
Drupal REST API can bypass comment approval
packagist
drupal/drupal, drupal/core
Moderate
over 3 years ago
Drupal core access bypass vulnerability
packagist
drupal/drupal, drupal/core
Moderate
over 3 years ago
Drupal file REST resource does not properly validate
packagist
drupal/drupal, drupal/core
High
over 3 years ago
Drupal Core Remote Code Execution Vulnerability
packagist
drupal/drupal, drupal/core
High
over 3 years ago
HTTP Proxy header vulnerability
packagist
padraic/humbug_get_contents, amphp/artax, drupal/core, guzzlehttp/guzzle
Moderate
over 3 years ago
Drupal core Cross-site Scripting (XSS) vulnerability
packagist
drupal/drupal, drupal/core
Moderate
over 3 years ago
Drupal core Cross-site Scripting (XSS) vulnerability in ckeditor
packagist
drupal/drupal, drupal/core
Critical
over 3 years ago
Unrestricted Upload of File with Dangerous Type in Drupal core
packagist
drupal/core
High
almost 4 years ago
Drupal core Unrestricted Upload of File with Dangerous Type
packagist
drupal/core
Critical
about 4 years ago
Directory Traversal in typo3/phar-stream-wrapper
packagist
drupal/drupal, drupal/core
Moderate
almost 6 years ago
Symfony Cross-site Scripting (XSS) vulnerability
packagist
drupal/core, symfony/symfony, symfony/framework-bundle