Описание
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data.
Ссылки
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- PatchVendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
7.5 High
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data.
Drupal core's form API has a vulnerability where certain contributed o ...
Уязвимость системы управления содержимым Drupal, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю записать/перезаписать произвольные данные
EPSS
7.5 High
CVSS3
4.3 Medium
CVSS2