vulnerability
FreeBSD: VID-57580fcc-1a61-11e8-97e0-00e04c1ea73d (CVE-2017-6926): drupal -- Drupal Core - Multiple Vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:S/C:P/I:P/A:N) | Feb 25, 2018 | Feb 27, 2018 | Dec 10, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:N)
Published
Feb 25, 2018
Added
Feb 27, 2018
Modified
Dec 10, 2025
Description
Drupal Security Team reports: CVE-2017-6926: Comment reply form allows access to restricted content CVE-2017-6927: JavaScript cross-site scripting prevention is incomplete CVE-2017-6928: Private file access bypass - Moderately Critical CVE-2017-6929: jQuery vulnerability with untrusted domains - Moderately Critical CVE-2017-6930: Language fallback can be incorrect on multilingual sites with node access restrictions CVE-2017-6931: Settings Tray access bypass CVE-2017-6932: External link injection on 404 pages when linking to the current page
Solutions
freebsd-upgrade-package-drupal7freebsd-upgrade-package-drupal8
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.