Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-25273

Опубликовано: 26 апр. 2023
Источник: debian
EPSS Низкий

Описание

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
drupal7not-affectedpackage

Примечания

  • https://www.drupal.org/sa-core-2022-008

EPSS

Процентиль: 40%
0.00177
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2022-25273

CVSS3: 7.5
ubuntu
около 2 лет назад

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data.

nvd логотип

CVE-2022-25273

CVSS3: 7.5
nvd
около 2 лет назад

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data.

github логотип

GHSA-g36h-4jr6-qmm9

CVSS3: 7.5
github
около 2 лет назад

Improper input validation in Drupal core

EPSS

Процентиль: 40%
0.00177
Низкий