A new vulnerability was discovered: CVE-2019-6341

debricked / soot-wrapper

Analyses how you use your dependencies to figure out if you use the vulnerable parts of a vulnerable dependency

MIT License

4 stars 5 forks source link

A new vulnerability was discovered: CVE-2019-6341 #28

Closed debricked[bot] closed 2 years ago

debricked[bot] commented 3 years ago

In Drupal 7 versions prior to 7.65; Drupal 8.6 versions prior to 8.6.13;Drupal 8.5 versions prior to 8.5.14. Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) vulnerability.

Read more at Debricked: https://app.debricked.com/en/service/vulnerability/120102