CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2018-9861
https://notcve.org/view.php?id=CVE-2018-9861
Cross-site scripting (XSS) vulnerability in the Enhanced Image (aka image2) plugin for CKEditor (in versions 4.5.10 through 4.9.1; fixed in 4.9.2), as used in Drupal 8 before 8.4.7 and 8.5.x before 8.5.2 and other products, allows remote attackers to inject arbitrary web script through a crafted IMG element. Vulnerabilidad Cross-Site Scripting (XSS) en el plugin Enhanced Image (también conocido como image2) para CKEditor (de la versión 4.5.10 a la 4.9.1; solucionado en la versión 4.9.2), tal y como se emplea en Drupal 8 en versiones anteriores a la 8.4.7 y versiones 8.5.x anteriores a la 8.5.2 y en otros productos, permite que atacantes remotos inyecten scripts web arbitrarios mediante un elemento IMG manipulado. • http://www.securityfocus.com/bid/103924 https://github.com/ckeditor/ckeditor-dev/blob/master/CHANGES.md https://www.drupal.org/sa-core-2018-003 https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 97%CPEs: 7EXPL: 28CVE-2018-7600 – Drupal Core Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7600
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations. Drupal en versiones anteriores a la 7.58, 8.x anteriores a la 8.3.9, 8.4.x anteriores a la 8.4.6 y 8.5.x anteriores a la 8.5.1 permite que los atacantes remotos ejecuten código arbitrario debido a un problema que afecta a múltiples subsistemas con configuraciones de módulos por defecto o comunes. Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise. • https://www.exploit-db.com/exploits/44482 https://www.exploit-db.com/exploits/44449 https://www.exploit-db.com/exploits/44448 https://github.com/a2u/CVE-2018-7600 https://github.com/pimps/CVE-2018-7600 https://github.com/g0rx/CVE-2018-7600-Drupal-RCE https://github.com/firefart/CVE-2018-7600 https://github.com/r3dxpl0it/CVE-2018-7600 https://github.com/dr-iman/CVE-2018-7600-Drupal-0day-RCE https://github.com/sl4cky/CVE-2018-7600 https://github.com/s • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6930
https://notcve.org/view.php?id=CVE-2017-6930
In Drupal versions 8.4.x versions before 8.4.5 when using node access controls with a multilingual site, Drupal marks the untranslated version of a node as the default fallback for access queries. This fallback is used for languages that do not yet have a translated version of the created node. This can result in an access bypass vulnerability. This issue is mitigated by the fact that it only applies to sites that a) use the Content Translation module; and b) use a node access module such as Domain Access which implement hook_node_access_records(). En las versiones 8.4.x de Drupal anteriores a la 8.4.5, al emplear controles de acceso a nodos con un sitio multilingüe, Drupal marca la versión sin traducir de un nodo como la reserva por defecto para consultas de acceso. • https://www.drupal.org/sa-core-2018-001 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6931
https://notcve.org/view.php?id=CVE-2017-6931
In Drupal versions 8.4.x versions before 8.4.5 the Settings Tray module has a vulnerability that allows users to update certain data that they do not have the permissions for. If you have implemented a Settings Tray form in contrib or a custom module, the correct access checks should be added. This release fixes the only two implementations in core, but does not harden against other such bypasses. This vulnerability can be mitigated by disabling the Settings Tray module. En las versiones 8.4.x de Drupal anteriores a la 8.4.5, el módulo Settings Tray tiene una vulnerabilidad que permite que los usuarios actualicen ciertos datos para los que no tienen permisos. • https://www.drupal.org/sa-core-2018-001 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6926
https://notcve.org/view.php?id=CVE-2017-6926
In Drupal versions 8.4.x versions before 8.4.5 users with permission to post comments are able to view content and comments they do not have access to, and are also able to add comments to this content. This vulnerability is mitigated by the fact that the comment system must be enabled and the attacker must have permission to post comments. En las versiones 8.4.x de Drupal anteriores a la 8.4.5, los usuarios con permisos para publicar comentarios pueden ver contenido y comentarios a los que no tienen acceso y, además, también pueden añadir comentarios en estos contenidos. Esta vulnerabilidad se mitiga por el hecho de que el sistema de comentarios debe estar activado y el atacante debe tener permiso para publicar comentarios. • https://www.drupal.org/sa-core-2018-001 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •