Security

HTML Mail - Critical - Remote Code Execution - SA-CONTRIB-2018-069

Project: HTML Mail
Date: 2018-October-17
Security risk: *Critical* 17∕25
Vulnerability: Remote Code Execution

Description

The HTML Mail module lets you theme your messages the same way you theme the
rest of your website.

When sending email some variables were not being sanitized for shell
arguments, which could lead to remote code execution.

This issue is related to the Drupal Core release SA-CORE-2018-006.

Solution

Install the latest version:

Drupal Core - Multiple Vulnerabilities - SA-CORE-2018-006

* Advisory ID: DRUPAL-SA-CONTRIB-2018-006
* Project: Drupal core
* Version: 7.x, 8.x
* Date: 2018-October-17

DESCRIPTION

*Content moderation - Moderately critical - Access bypass - Drupal 8*

In some conditions, content moderation fails to check a user's access to use
certain transitions, leading to an access bypass.

In order to fix this issue, the following changes have been made to content
moderation which may have implications for backwards compatibility:

Workbench Moderation - Moderately critical - Access bypass - SA-CONTRIB-2018-067

Project: Workbench Moderation
Date: 2018-October-17
Security risk: *Moderately critical* 11∕25
Vulnerability: Access bypass

Description

The Workbench Moderation module adds arbitrary moderation states to Drupal
core's "unpublished" and "published" node states, and affects the behavior of
node revisions when nodes are published.

In some conditions, content moderation fails to check a user's access to use
certain transitions, leading to an access bypass.

Mime Mail - Critical - Remote Code Execution - SA-CONTRIB-2018-068

Project: Mime Mail
Date: 2018-October-17
Security risk: *Critical* 17∕25
Vulnerability: Remote Code Execution

Description

The MIME Mail module allows sending MIME-encoded e-mail messages with
embedded images and attachments.

The module doesn't sufficiently sanitize some variables for shell arguments
when sending email, which could lead to arbitrary remote code execution.

This issue is related to the Drupal Core release SA-CORE-2018-006.

Solution

Install the latest version:

Search Autocomplete - Moderately critical - Cross Site Scripting - SA-CONTRIB-2018-070

Project: Search Autocomplete
Date: 2018-October-17
Security risk: *Moderately critical* 13∕25
Vulnerability: Cross Site Scripting

Description

The Search Autocomplete module enables you to autocomplete text fields using
data from your website (nodes, comments, etc.).

The module doesn't sufficiently filter user-entered text among the
autocompletion items, leading to a Cross Site Scripting (XSS) vulnerability.

Lightbox2 - Critical - Cross Site Scripting - SA-CONTRIB-2018-064

Project: Lightbox2
Version: 7.x-2.x-dev
Date: 2018-October-10
Security risk: *Critical* 18∕25
Vulnerability: Cross Site Scripting

Description

The Lightbox2 module enables you to overlay images on the current page.

The module did not sanitize some inputs when used in combination with a
custom view, leading to potential Cross Site Scripting (XSS).

Solution

Install the latest version:

Search API Solr Search - Moderately critical - Access bypass

Project: Search API Solr Search
Version: 7.x-1.13
Date: 2018-October-10
Security risk: *Moderately critical* 10∕25
Vulnerability: Access bypass

Description

This module provides support for creating searches using the Apache Solr
search engine and the Search API Drupal module.

NVP field - Moderately critical - Cross Site Scripting - SA-CONTRIB-2018-066

Project: NVP field
Date: 2018-October-10
Security risk: *Moderately critical* 14∕25
Vulnerability: Cross Site Scripting

Description

The NVP field module allows you to create a field type of name/value pairs, with custom titles and easily editable rendering, with customizable HTML/text surrounding the pairs.

The module doesn't sufficiently handle sanitization of its field formatter's output.

Printer, email and PDF versions - Highly critical - Remote Code Execution - SA-CONTRIB-2018-063

Project: Printer, email and PDF versions
Version: 7.x-2.x-dev
Date: 2018-October-03
Security risk: *Highly critical* 20∕25
Vulnerability: Remote Code Execution

Description

This module provides printer-friendly versions of content, including send by
e-mail and PDF versions.

Taxonomy File Tree - Moderately critical - Access bypass - SA-CONTRIB-2018-061

Project: Taxonomy File Tree
Version: 7.x-1.0
Date: 2018-September-26
Security risk: *Moderately critical* 13∕25
Vulnerability: Access bypass

Description

Taxonomy File Tree allows site managers to create file trees.

For files managed as Drupal files, the module does not properly check that a
user has access to a file before letting the user download the file.

This vulnerability only affects sites that use private files.
