Vulnerability Bulletins

Drupal core - Critical - Multiple Vulnerabilities - SA-CORE-2018-001


System information

   
Affected software Drupal

Description

Project: Drupal coreVersion: 8.4.x-dev7.x-devDate: 2018-February-21Security risk: Critical 16∕25 AC:Basic/A:User/CI:Some/II:Some/E:Exploit/TD:DefaultVulnerability: Multiple Vulnerabilities Description: This security advisory fixes multiple vulnerabilities in both Drupal 7 and Drupal 8. See below for a list. Comment reply form allows access to restricted content - Critical - Drupal 8 - CVE-2017-6926Users with permission to post comments are able to view content and comments they do not

More info:

https://www.drupal.org/sa-core-2018-001

Standar resources

Property Value
CVE CVE-2017-6926 ,CVE-2017-6927 ,CVE-2017-6928 ,CVE-2017-6929 ,CVE-2017-6930 ,CVE-2017-6931 and CVE-2017-6932.

Version history

Version Comments Date
1.0 Advisory issued 2018-02-25
Ministerio de Defensa
CNI
CCN
CCN-CERT