SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  Drupal core File module XSS 1

Category: WEB-ATTACKS      

In Drupal 7 versions prior to 7.65; Drupal 8.6 versions prior to 8.6.13; Drupal 8.5 versions prior to 8.5.14. Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) vulnerability.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6341


Relevant Information