diff options
author | Jose Alonso Cardenas Marquez <acm@FreeBSD.org> | 2019-03-27 21:51:40 +0000 |
---|---|---|
committer | Jose Alonso Cardenas Marquez <acm@FreeBSD.org> | 2019-03-27 21:51:40 +0000 |
commit | f7ed7e21d41757e650aaf615dba9b588fa5175f1 (patch) | |
tree | 663fad3a1ff597821e9a91ad4819ab4d94ee16a3 /security | |
parent | e3050171675cf55b00500ddc0e90e34cef5b224a (diff) | |
download | ports-f7ed7e21d41757e650aaf615dba9b588fa5175f1.tar.gz ports-f7ed7e21d41757e650aaf615dba9b588fa5175f1.zip |
Notes
Diffstat (limited to 'security')
-rw-r--r-- | security/vuxml/vuln.xml | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 608f37f3da46..b9374e0a78ee 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -59,23 +59,28 @@ Notes: --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> <vuln vid="94d63fd7-508b-11e9-9ba0-4c72b94353b5"> - <topic>drupal -- Multiple Vulnerabilities</topic> + <topic>drupal -- Drupal core - Moderately critical - Cross Site Scripting</topic> <affects> <package> <name>drupal7</name> <range><lt>7.65</lt></range> </package> + <package> + <name>drupal8</name> + <range><lt>8.6.13</lt></range> + </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml"> <p>Drupal Security Team reports:</p> - <blockquote cite="https://www.drupal.org/project/drupal/releases/7.65"> + <blockquote cite="https://www.drupal.org/SA-CORE-2019-004"> <p>Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) vulnerability.</p> </blockquote> </body> </description> <references> + <url>https://www.drupal.org/project/drupal/releases/8.6.13</url> <url>https://www.drupal.org/project/drupal/releases/7.65</url> <url>https://www.drupal.org/SA-CORE-2019-004</url> <cvename>CVE-2019-6341</cvename> |