Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

packagist

drupal/core

packagist

Drupal is an open source content management platform powering millions of websites and applications.

View on github.com · View on packagist.org

Moderate Security Advisories for drupal/core in packagist Clear Filters

Moderate
6 months ago

Drupal Core Potential Cross-Site Scripting (XSS) via Error Messages GSA_kwCzR0hTQS0zOWc2LXg0eDgtNWpjbc4ABGKO

packagist drupal/core
Moderate
6 months ago

Drupal Core Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability GSA_kwCzR0hTQS0ycXBoLXE4eHctZ3Y3cc4ABGJ5

packagist drupal/core
Moderate
6 months ago

Drupal Core Vulnerable to Forceful Browsing GSA_kwCzR0hTQS13cHA4LWZqZ2YtcHdjN84ABGJ3

packagist drupal/core
Moderate
10 months ago

Drupal core Access bypass GSA_kwCzR0hTQS03Y3djLWZqcW0tOHZoOM4ABCNe

packagist drupal/drupal, drupal/core-recommended, drupal/core
Moderate
10 months ago

Drupal Core Cross-Site Scripting (XSS) GSA_kwCzR0hTQS04bXZxLThoMnYtajl2Zs4ABCNk

packagist drupal/drupal, drupal/core-recommended, drupal/core
Moderate
10 months ago

Drupal core vulnerable to improper error handling GSA_kwCzR0hTQS01MmpyLXg2aDYteGo2Z84ABCFH

packagist drupal/core
Moderate
about 1 year ago

Drupal Full Path Disclosure GSA_kwCzR0hTQS1tZzhqLXc5M3cteGpnY84AA_BD

packagist drupal/core, drupal/core-recommended, drupal/drupal
Moderate
over 1 year ago

Drupal core Cross-Site Scripting (XSS) vulnerabilities GSA_kwCzR0hTQS12ZmdjLWM3NmgtbXdoNM4AA8HN

packagist drupal/core
Moderate
over 1 year ago

Drupal core Open Redirect vulnerability GSA_kwCzR0hTQS02Z2Y2LTI0aDItNjZqNM4AA8HL

packagist drupal/core
Moderate
over 1 year ago

Drupal core uses a vulnerable Third-party library CKEditor GSA_kwCzR0hTQS12MjczLWo1aHEtMjZ4cM4AA8HK

packagist drupal/core
Moderate
over 1 year ago

Drupal core Access bypass GSA_kwCzR0hTQS1taDRoLTI3Z3EtY3h3as4AA8HI

packagist drupal/core
Moderate
over 1 year ago

Drupal core unrestricted file upload GSA_kwCzR0hTQS03Z3dqLTdmaG0tdnc0d84AA8HH

packagist drupal/core
Moderate
over 1 year ago

Drupal core Denial of Service GSA_kwCzR0hTQS1wcjk5LWMzM3AtZndmNs4AA8HG

packagist drupal/core
Moderate
over 1 year ago

Drupal Anonymous Open Redirect GSA_kwCzR0hTQS1nZnZmLTJmMjUtZjM0cs4AA8HD

packagist drupal/core
Moderate
over 1 year ago

Drupal External URL injection through URL aliases leading to Open Redirect GSA_kwCzR0hTQS03ZjRmLXA3bXEtcDRmds4AA8HC

packagist drupal/core
Moderate
over 1 year ago

Drupal Content moderation Access bypass GSA_kwCzR0hTQS1mODRxLW1najktOGpmY84AA8HB

packagist drupal/core
Moderate
over 1 year ago

Drupal core Denial of Service vulnerability GSA_kwCzR0hTQS02Y2N2LThmZ2YtY2pwd84AA5Og

packagist drupal/core
Moderate
over 1 year ago

Drupal Denial of Service vulnerability GSA_kwCzR0hTQS02MmNmLWp2cHAtNDhxNs4AA4du

packagist drupal/core
Moderate
over 2 years ago

Lack of domain validation in Druple core GSA_kwCzR0hTQS00d2ZxLWpjOWgtdnBjeM4AAy-i

packagist drupal/core
Moderate
over 2 years ago

Access bypass in Drupal core GSA_kwCzR0hTQS03anI0LWhncXgtdndncc4AAy-k

packagist drupal/core
Moderate
over 2 years ago

Access bypass in Drupal Core GSA_kwCzR0hTQS1jZmgyLTdmNmgtM204Nc4AAy8f

packagist drupal/core
Moderate
over 3 years ago

Drupal Core Cross-site scripting vulnerability GSA_kwCzR0hTQS1xZjJnLW1ycngtcnI1cM4AAo0h

packagist drupal/core
Moderate
over 3 years ago

Drupal Core Access bypass vulnerability GSA_kwCzR0hTQS14MnE5LXI4Z20tZjY1N84AAohb

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal Core Open Redirect vulnerability GSA_kwCzR0hTQS1nanFnLTlyaHYtcWo2N84AAoX9

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal Core Cross-site scripting vulnerability GSA_kwCzR0hTQS04amoyLXgyZ2MtZ2dtN84AAoX_

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal Cross Site Scripting (XSS) vulnerability GSA_kwCzR0hTQS1jbW1oLThtd3AtZ3E1cM4AAiGR

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal CRLF injection vulnerability in the drupal_set_header function GSA_kwCzR0hTQS1mZzVxLXIycTUtcW1oM84AAdZQ

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal Reflected file download vulnerability GSA_kwCzR0hTQS1xcXhjLWNwcGctNHhwOM4AAdYz

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal sensitive information disclosure GSA_kwCzR0hTQS1wcXY0LXhncWgtajh2aM4AAdYs

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal Users without "Administer comments" can set comment visibility on nodes they can edit GSA_kwCzR0hTQS02ZzloLTZ2NzktdzRwY84AAdKR

packagist drupal/core, drupal/drupal
Moderate
over 3 years ago

Drupal Unprivileged access to config export GSA_kwCzR0hTQS1mbXFoLTJqMngtdmdwM84AAdKO

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal Cross-site scripting (XSS) vulnerability GSA_kwCzR0hTQS12aGc4LXg4NTgtN3dxNs4AAdKN

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal Views can allow unauthorized users to see Statistics information GSA_kwCzR0hTQS1yZnh4LWd4d2MtOTIzY84AAc9H

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal Denial of service via transliterate mechanism GSA_kwCzR0hTQS1qcGo4LTQ5aHItd2N3ds4AAc7N

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal Open Redirect GSA_kwCzR0hTQS02NmdyLXhyY2YtOGpwcc4AAcG9

packagist drupal/core
Moderate
over 3 years ago

Drupal sensitive information disclosure GSA_kwCzR0hTQS1wNzQ1LTM0N2gtaGpmd84AAcG_

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal cross site scripting vulnerability GSA_kwCzR0hTQS01dnByLXYyNHctbW1qas4AAXNU

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal external link injection vulnerability GSA_kwCzR0hTQS13bTg2LXczY2YtaDZ2bc4AAXNG

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal cross-site scripting vulnerability GSA_kwCzR0hTQS01ODVqLTU0NDktbWY1bc4AAXMs

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Enhanced Image plugin for CKEditor is vulnerable to Cross-site scripting (XSS) GSA_kwCzR0hTQS1nNzhoLXBmNjUtNDZyds4AATTf

npm, packagist ckeditor-dev, drupal/core
Moderate
over 3 years ago

Drupal Settings Tray access bypass GSA_kwCzR0hTQS03ZmZoLWNqdmctZnByNM4AASZT

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal access bypass vulnerability GSA_kwCzR0hTQS02Nm12LXE4cjItaGo4d84AASZx

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal core access bypass vulnerability GSA_kwCzR0hTQS01OGYzLWN4OHAtaDhqZ84AARYs

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal file REST resource does not properly validate GSA_kwCzR0hTQS1oMzc3LTI4N20tdzJyOc4AARY1

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal Cross-Site Scripting vulnerability GSA_kwCzR0hTQS1xcDhxLWd3ZjUtaHFoMs0_SQ

packagist drupal/core
Moderate
over 3 years ago

Incorrect authorization in Drupal core GSA_kwCzR0hTQS03M3E0LWozMjQtMnFjY80s4w

packagist drupal/core
Moderate
over 3 years ago

Drupal core Cross-site Scripting (XSS) vulnerability GSA_kwCzR0hTQS0zbTM2LW1qd2otMzUyY80rQQ

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Drupal core Cross-site Scripting (XSS) vulnerability in ckeditor GSA_kwCzR0hTQS1jNTMzLWM4NDMtNjdoOM0rSw

packagist drupal/drupal, drupal/core
Moderate
over 3 years ago

Cross-site Scripting in Drupal Core GSA_kwCzR0hTQS1tNnE1LXd2NHgtZnY2aM0rRw

packagist drupal/core
Moderate
over 3 years ago

Cross-Site Request Forgery in Drupal core GSA_kwCzR0hTQS1qNTg2LWNqNjctdmc0cM0rQg

packagist drupal/core
Moderate
over 3 years ago

Incorrect Authorization in Drupal core GSA_kwCzR0hTQS1xZmhnLW02cjgteHhwas0rPw

packagist drupal/core
Moderate
almost 6 years ago

Symfony Cross-site Scripting (XSS) vulnerability MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc5OTYtcTVyOC13N2cy

packagist drupal/core, symfony/symfony, symfony/framework-bundle

Filter by Severity

Moderate 52 High 32 Critical 12 Low 2