Multiple Vulnerabilities in Drupal

Multiple Vulnerabilities in Drupal

Software Affected
 Drupal 8.x

Overview

Multiple Vulnerability has been reported in Drupal which could be exploited by an attacker to execute arbitrary commands on a targeted system.

Description

1. Access bypass Vulnerability
This vulnerability exists due to insufficient check user permissions to access its workflows entities. An attacker could exploit
this vulnerability by Forms Steps provides a UI to create form workflows using form modes. Successful exploitation of this
vulnerability could allow the attacker to see any entities that have been created through the different steps of its multistep
forms.

2. Insecure session token management Vulnerability
This vulnerability allows you to store external images on your server and apply your own Image Styles. The module exposes
cookies to external sites when making external image requests.
An attacker could exploit this vulnerability successfully take control of the targeted website.

Comments

Popular posts from this blog

Some Dark web Links

How to join Cyber Cell or Cyber Crime Department in India || Exam or Direct or Skills???

ATM HACKING TOOL TRENDING ON DARK WEB