The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Drupal Modules ~ not comprehensive

Drupal Commerce: information disclosure
An attacker can bypass access restrictions to data of Drupal Commerce, in order to obtain sensitive information...
DRUPAL-SA-CONTRIB-2020-020, VIGILANCE-VUL-32349
Drupal JSON-API: vulnerability
A vulnerability of Drupal JSON:API was announced...
DRUPAL-SA-CONTRIB-2020-010, VIGILANCE-VUL-32037
Drupal Svg Image: Cross Site Scripting via SVG Files
An attacker can trigger a Cross Site Scripting via SVG Files of Drupal Svg Image, in order to run JavaScript code in the context of the web site...
DRUPAL-SA-CONTRIB-2020-008, VIGILANCE-VUL-31881
Drupal CKEditor: Cross Site Scripting via Admin Section
An attacker can trigger a Cross Site Scripting via Admin Section of Drupal CKEditor, in order to run JavaScript code in the context of the web site...
DRUPAL-SA-CONTRIB-2020-007, FEDORA-2020-71ebbd64dc, FEDORA-2020-e653bca022, VIGILANCE-VUL-31825
CKEditor: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of CKEditor, in order to run JavaScript code in the context of the web site...
6208032, 6208039, 6208048, 6208052, 6208328, 6208330, 6208332, 6208333, 6208336, CERTFR-2020-AVI-163, DRUPAL-SA-CORE-2020-001, VIGILANCE-VUL-31824
Drupal SAML Service Provider: privilege escalation
An attacker can bypass restrictions of Drupal SAML Service Provider, in order to escalate his privileges...
DRUPAL-SA-CONTRIB-2020-006, VIGILANCE-VUL-31772
Drupal SVG Formatter: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal SVG Formatter, in order to run JavaScript code in the context of the web site...
DRUPAL-SA-CONTRIB-2020-005, VIGILANCE-VUL-31734
Drupal Profile: privilege escalation via Create Profiles Permission
An attacker can bypass restrictions via Create Profiles Permission of Drupal Profile, in order to escalate his privileges...
DRUPAL-SA-CONTRIB-2020-004, VIGILANCE-VUL-31649
Drupal Views Bulk Operations: privilege escalation via hook_action_info_alter
An attacker can bypass restrictions via hook_action_info_alter of Drupal Views Bulk Operations, in order to escalate his privileges...
DRUPAL-SA-CONTRIB-2020-003, VIGILANCE-VUL-31532
Drupal SpamSpan: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal SpamSpan, in order to run JavaScript code in the context of the web site...
DRUPAL-SA-CONTRIB-2020-002, VIGILANCE-VUL-31416
Our database contains other pages. You can request a free trial to read them.

Display information about Drupal Modules ~ not comprehensive: