Описание
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| drupal7 | removed | package |
Примечания
https://www.drupal.org/sa-core-2022-003
https://git.drupalcode.org/project/drupal/-/commit/43c757167380643b5f73287a63a8739731a5b712
EPSS
Связанные уязвимости
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data.
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data.
Уязвимость системы управления содержимым Drupal, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю записать/перезаписать произвольные данные
EPSS