Описание
Drupal core Access bypass
Drupal's uniqueness checking for certain user fields is inconsistent depending on the database engine and its collation. As a result, a user may be able to register with the same email address as another user. This may lead to data integrity issues. This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8.
Пакеты
drupal/core
>= 8.0.0, < 10.2.11
10.2.11
drupal/core
>= 10.3.0, < 10.3.9
10.3.9
drupal/core
>= 11.0.0, < 11.0.8
11.0.8
drupal/core-recommended
>= 8.0.0, < 10.2.11
10.2.11
drupal/core-recommended
>= 10.3.0, < 10.3.9
10.3.9
drupal/core-recommended
>= 11.0.0, < 11.0.8
11.0.8
drupal/drupal
>= 8.0.0, < 10.2.11
10.2.11
drupal/drupal
>= 10.3.0, < 10.3.9
10.3.9
drupal/drupal
>= 11.0.0, < 11.0.8
11.0.8
Связанные уязвимости
A vulnerability in Drupal Core allows Privilege Escalation.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8.
A vulnerability in Drupal Core allows Privilege Escalation.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8.
A vulnerability in Drupal Core allows Privilege Escalation.This issue ...
Уязвимость ядра CMS-системы Drupal, позволяющая нарушителю повысить свои привилегии