Drupal Core Vulnerabilities

Drupal Core Vulnerability - XSS (Cross-Site Scripting)

CVE-2024-12393

DrupalDrupal Core

Drupal Core Vulnerability Allows File Manipulation

CVE-2024-11942

DrupalDrupal Core

Excessive Allocation Vulnerability Affects Drupal Core

CVE-2024-11941

DrupalDrupal Core

Drupal core - Critical - Cache poisoning - SA-CORE-2023-006

CVE-2023-5256

DrupalCore7.5HIGH

Access Control Vulnerability in Drupal Core by Drupal

CVE-2022-25278

DrupalCore6.5MEDIUM

File Path Exposure Vulnerability in Drupal by Drupal

CVE-2023-31250

DrupalCore6.5MEDIUM

Improper Input Validation in Drupal Core Forms Affecting Custom Modules

CVE-2022-25273

DrupalCore7.5HIGH

Access Bypass in Drupal's Revision System for Node and Media Content

CVE-2022-25274

DrupalCore5.4MEDIUM

Access Control Flaw in Drupal Image Module

CVE-2022-25275

DrupalCore7.5HIGH

Cross-Site Scripting Vulnerability in Drupal's Media oEmbed Component

CVE-2022-25276

DrupalCore6.1MEDIUM

File Upload Vulnerability in Drupal Core by Acquia

CVE-2022-25277

DrupalCore7.2HIGH

Access Control Flaw in Quick Edit Module for Drupal by Drupal

CVE-2022-25270

DrupalCore6.5MEDIUM

Improper Input Validation in Drupal Core's Form API Affecting User Data Security

CVE-2022-25271

DrupalCore7.5HIGH

Access Control Vulnerability in Drupal Core JSON:API by Drupal

CVE-2020-13677

DrupalCore7.5HIGH

Access Control Issue in Drupal's QuickEdit Module

CVE-2020-13676

DrupalCore6.5MEDIUM

Information Disclosure Vulnerability in Drupal Core File Module

CVE-2020-13670

DrupalCore7.5HIGH

Access Validation Bypass in QuickEdit Module for Drupal

CVE-2020-13674

DrupalCore6.5MEDIUM

Access Bypass Vulnerability in Drupal's JSON:API and REST/File Modules

CVE-2020-13675

DrupalCore9.8CRITICAL

Cross-Site Scripting Vulnerability in Drupal Core by Drupal

CVE-2020-13672

DrupalCore6.1MEDIUM

Cross-Site Scripting Vulnerability in Drupal Core by Drupal

CVE-2020-13669

DrupalCore6.1MEDIUM

Access bypass in Drupal Core 8/9

CVE-2020-13668

DrupalCore6.1MEDIUM

CVE-2020-13688

DrupalDrupal Core6.1MEDIUM

CVE-2020-13663

DrupalDrupal Core8.8HIGH

CVE-2020-13667

DrupalDrupal Core5.3MEDIUM

CVE-2020-13664

DrupalDrupal Core8.8HIGH

Drupal Core Vulnerabilities

Vulnerability Published:

Sort By:

10 December 2024

Drupal Core Vulnerability - XSS (Cross-Site Scripting)

5 December 2024

Drupal Core Vulnerability Allows File Manipulation

Excessive Allocation Vulnerability Affects Drupal Core

28 September 2023

Drupal core - Critical - Cache poisoning - SA-CORE-2023-006

26 April 2023

Access Control Vulnerability in Drupal Core by Drupal

File Path Exposure Vulnerability in Drupal by Drupal

Improper Input Validation in Drupal Core Forms Affecting Custom Modules

Access Bypass in Drupal's Revision System for Node and Media Content

Access Control Flaw in Drupal Image Module

Cross-Site Scripting Vulnerability in Drupal's Media oEmbed Component

File Upload Vulnerability in Drupal Core by Acquia

17 February 2022

Access Control Flaw in Quick Edit Module for Drupal by Drupal

16 February 2022

Improper Input Validation in Drupal Core's Form API Affecting User Data Security

11 February 2022

Access Control Vulnerability in Drupal Core JSON:API by Drupal

Access Control Issue in Drupal's QuickEdit Module

Information Disclosure Vulnerability in Drupal Core File Module

Access Validation Bypass in QuickEdit Module for Drupal

Access Bypass Vulnerability in Drupal's JSON:API and REST/File Modules

Cross-Site Scripting Vulnerability in Drupal Core by Drupal

Cross-Site Scripting Vulnerability in Drupal Core by Drupal

Access bypass in Drupal Core 8/9

11 June 2021

17 May 2021

5 May 2021