Vulnerability Bulletins

Drupal core - Critical - Multiple Vulnerabilities - SA-CORE-2018-001


System information

   
Affected software Drupal

Description

Project: Drupal coreVersion: 8.4.x-dev7.x-devDate: 2018-February-21Security risk: Critical 16∕25 AC:Basic/A:User/CI:Some/II:Some/E:Exploit/TD:DefaultVulnerability: Multiple Vulnerabilities Description: This security advisory fixes multiple vulnerabilities in both Drupal 7 and Drupal 8. See below for a list. Comment reply form allows access to restricted content - Critical - Drupal 8Users with permission to post comments are able to view content and comments they do not have access to,

More info:

https://www.drupal.org/sa-core-2018-001

Standar resources

Property Value
CVE

Version history

Version Comments Date
1.0 Advisory issued 2018-02-23
Ministerio de Defensa
CNI
CCN
CCN-CERT