Day: 18 abril, 2019

Publicado el

Drupal core – Moderately critical – Multiple Vulnerabilities – SA-CORE-2019-005

Project: Drupal coreDate: 2019-April-17Security risk: Moderately critical 14∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:DefaultVulnerability: Multiple Vulnerabilities Description: This security release fixes third-party dependencies included in or required by Drupal core. CVE-2019-10909: Escape validation messages in the PHP templating engine. From that advisory:Validation messages were not escaped when using the form theme of the PHP templating engine which, when validation messages More info: https://www.drupal.org/sa-core-2019-005
Publicado el

Drupal core – Moderately critical – Cross Site Scripting – SA-CORE-2019-006

Project: Drupal coreDate: 2019-April-17Security risk: Moderately critical 10∕25 AC:Complex/A:Admin/CI:Some/II:Some/E:Theoretical/TD:UncommonVulnerability: Cross Site ScriptingDescription: The jQuery project released version 3.4.0, and as part of that, disclosed a security vulnerability that affects all prior versions. As described in their release notes:jQuery 3.4.0 includes a fix for some unintended behavior when using jQuery.extend(true, {}, ...). If an unsanitized source object More info: https://www.drupal.org/sa-core-2019-006
Publicado el

Drupal core – Moderately critical – Cross Site Scripting – SA-CORE-2019-006

Project: Drupal coreDate: 2019-April-17Security risk: Moderately critical 10∕25 AC:Complex/A:Admin/CI:Some/II:Some/E:Theoretical/TD:UncommonVulnerability: Cross Site ScriptingDescription: The jQuery project released version 3.4.0, and as part of that, disclosed a security vulnerability that affects all prior versions. As described in their release notes:jQuery 3.4.0 includes a fix for some unintended behavior when using jQuery.extend(true, {}, ...). If an unsanitized source object More info: https://www.drupal.org/sa-core-2019-006
Acceso Administrador
Translate »