KCFinder integration - Critical - Unsupported Module - SA-CONTRIB-2018-024

Project: KCFinder integration
Date: 2018-May-09
Security risk: *Critical* 16∕25
Vulnerability: Unsupported Module

Description

KCFinder is a multi-language file / image manager you can use to easily
select, insert, upload and arrange images, flash movies, and other kinds of
files.

The security team is marking this module unsupported. There is a known
security issue with the module that has not been fixed by the maintainer. If
you would like to maintain this module, please read:
https://www.drupal.org/node/251466.

The security team marks all unsupported modules critical by default.

Solution

If you use the KCFinder integration you should uninstall it.

Add new comment