Security

SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider - Moderately critical - Multiple vulnerabilities - SA-CONTRIB-2021-036

Project: SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider
Date: 2021-September-22
Security risk: Moderately critical 14∕25 
Vulnerability: Multiple vulnerabilities

Description

This module provides a solution to authenticate visitors against existing SAML identity providers.

Certain non-default configurations allow a malicious user to log in as any chosen user.

Read More

Taxonomy Manager - Moderately critical - Access bypass - SA-CONTRIB-2021-035

Project: Taxonomy Manager
Date: 2021-September-22
Security risk: Moderately critical 10∕25
Vulnerability: Access bypass

Description

This module provides a powerful interface for managing a taxonomy vocabulary. A vocabulary gets displayed in a dynamic tree view, where parent terms can be expanded to list their nested child terms or can be collapsed.

The module does not take the correct user permissions into account, allowing an attacker to delete and move terms.
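The following is an added illustration of the access-bypass class described above; it is not the Taxonomy Manager module's code and says nothing about where its actual flaw sits. It assumes a Drupal 9/10 codebase and uses only core APIs (Term, AccountInterface, EntityInterface::access()). The weak handler trusts that anyone who can reach it may act on the terms; the hardened handler asks the entity access system for every term and operation, which is what makes the taxonomy module's "edit terms in <vocabulary>" and "delete terms in <vocabulary>" permissions count.

```php
<?php
// Added example, not the Taxonomy Manager module's own code.

use Drupal\Core\Session\AccountInterface;
use Drupal\taxonomy\Entity\Term;

/**
 * Weak: trusts the caller. Anyone who can reach this handler, for example a
 * role that may only *view* the vocabulary tree, can delete any term.
 */
function weak_delete_terms(array $tids): void {
  foreach (Term::loadMultiple($tids) as $term) {
    $term->delete();
  }
}

/**
 * Hardened: check entity access per term and per operation for the account
 * performing the request. This honours the taxonomy permissions and any
 * hook_entity_access() implementations other modules provide.
 *
 * Returns the IDs actually deleted, so the caller can report denied ones
 * instead of silently skipping them.
 */
function hardened_delete_terms(array $tids, AccountInterface $account): array {
  $deleted = [];
  // loadMultiple() returns the entities keyed by term ID.
  foreach (Term::loadMultiple($tids) as $tid => $term) {
    if (!$term->access('delete', $account)) {
      continue; // Denied: leave the term untouched.
    }
    $term->delete();
    $deleted[] = $tid;
  }
  return $deleted;
}

/**
 * Moving a term is an update of its 'parent' field, so it needs 'update'
 * access on the moved term. The new parent must also belong to the same
 * vocabulary, otherwise a crafted request could graft terms into a
 * vocabulary the user is not allowed to edit.
 */
function hardened_move_term(Term $term, Term $new_parent, AccountInterface $account): bool {
  if ($term->bundle() !== $new_parent->bundle()) {
    return FALSE;
  }
  if (!$term->access('update', $account)) {
    return FALSE;
  }
  $term->set('parent', [$new_parent->id()]);
  $term->save();
  return TRUE;
}
```

The same check belongs on the route as well: a route that takes a `{taxonomy_term}` parameter can require `_entity_access: 'taxonomy_term.delete'` (or `.update`) in its `requirements`, so the request is rejected before the controller runs. Bulk and AJAX endpoints that act on many terms at once cannot rely on that alone and need the per-term loop shown above.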

Read More

Search API attachments - Critical - Arbitrary PHP code execution - SA-CONTRIB-2021-034

Project: Search API attachments
Date: 2021-September-22
Security risk: Critical 15∕25
Vulnerability: Arbitrary PHP code execution

Description

This module enables you to extract the textual content of files for use on a website, e.g. to display it or use it in search indexes.

The module doesn't sufficiently protect the administrator-defined commands which are executed on the server, which leads to post-authentication remote code execution by a limited set of users.

Read More

File Extractor - Critical - Arbitrary PHP code execution - SA-CONTRIB-2021-033

Project: File Extractor
Date: 2021-September-22
Security risk: Critical 15∕25
Vulnerability: Arbitrary PHP code execution

Description

This module enables you to extract the textual content of files for use on a website, e.g. to display it or use it in search indexes.

The module doesn't sufficiently protect the administrator-defined commands which are executed on the server, which leads to post-authentication remote code execution by a limited set of users.
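Both the Search API attachments and the File Extractor advisories above describe the same class of problem: an administrator-defined command that runs on the server with an uploaded file as its argument. The following added example is plain PHP illustrating that class in general; it is not either module's code and does not describe their actual flaw. The extractor names, binary paths and the permission name in the note below are assumptions made for the illustration.

```php
<?php
// Added example, not the Search API attachments or File Extractor code.

/**
 * Weak: the configured command string and the file path are glued together
 * and handed to a shell. A filename such as "x.pdf; id > /tmp/pwned", or a
 * command setting written by anyone allowed to edit the configuration, runs
 * as the web server user.
 */
function weak_extract(string $configured_command, string $path): string {
  return (string) shell_exec($configured_command . ' ' . $path);
}

/**
 * Hardened:
 *  1. the administrator may only *select* an extractor from an allow-list of
 *     absolute paths, never type a command;
 *  2. the file path is passed as its own argv element through proc_open()'s
 *     array form (PHP >= 7.4), so no shell ever parses it;
 *  3. the file must resolve inside the expected upload directory;
 *  4. the child gets a minimal environment.
 */
function hardened_extract(string $extractor, string $path, string $allowed_dir): string {
  // Hypothetical allow-list: name an admin may pick => full argv, where
  // '{file}' is replaced by the validated path.
  $allowed = [
    'pdftotext' => ['/usr/bin/pdftotext', '{file}', '-'],
    'catdoc'    => ['/usr/bin/catdoc', '{file}'],
  ];
  if (!isset($allowed[$extractor])) {
    throw new \InvalidArgumentException('Extractor is not in the allow-list.');
  }

  $real = realpath($path);
  $base = realpath($allowed_dir);
  if ($real === FALSE || $base === FALSE
      || strpos($real, $base . DIRECTORY_SEPARATOR) !== 0) {
    throw new \InvalidArgumentException('File is outside the upload directory.');
  }

  $argv = array_map(
    fn (string $a): string => $a === '{file}' ? $real : $a,
    $allowed[$extractor]
  );

  $spec  = [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
  $pipes = [];
  // Array command => executed directly, without /bin/sh.
  $proc = proc_open($argv, $spec, $pipes, NULL, ['PATH' => '/usr/bin:/bin']);
  if (!is_resource($proc)) {
    throw new \RuntimeException('Could not start extractor.');
  }
  fclose($pipes[0]);
  $out = stream_get_contents($pipes[1]);
  fclose($pipes[1]);
  fclose($pipes[2]);
  proc_close($proc);
  return $out;
}
```

The second half of the defence is who may change the setting at all. In Drupal, a permission that lets its holder define a server-side command should be declared with `restrict access: true` in the module's `*.permissions.yml`, so the permissions UI warns that it must only be granted to trusted roles; the advisories' "post-authentication ... by a limited set of users" wording is exactly the situation where such a setting had been reachable by too many roles.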

Read More

Commerce Core - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2021-032

Project: Commerce Core
Date: 2021-September-22
Security risk: Moderately critical 14∕25
Vulnerability: Access bypass, Information Disclosure

Description

This module provides a system for building an ecommerce solution on a Drupal site.

The module doesn't sufficiently verify access to profile data in certain circumstances.

This vulnerability is mitigated by the fact that an attacker must have permission to perform the checkout operation.

Solution

Install the latest version:

Read More

Client-side Hierarchical Select - Moderately critical - Cross-site scripting - SA-CONTRIB-2021-031

Project: Client-side Hierarchical Select
Date: 2021-September-22
Security risk: Moderately critical 13∕25
Vulnerability: Cross-site scripting

Description

The module provides a field widget for selecting taxonomy terms in a hierarchical fashion.

The module doesn't sanitize user input in certain cases, leading to a possible cross-site scripting (XSS) vulnerability.

Read More

User hash - Moderately critical - Cache poisoning - SA-CONTRIB-2021-030

Project: User hash
Date: 2021-September-22
Security risk: Moderately critical 12∕25
Vulnerability: Cache poisoning

Description

This module enables you to create an individual hash for each user. These hashes can be used for authentication instead of the user's password, e.g. for views exporters.

The module doesn't sufficiently invalidate page output when the page_cache module is used.
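The following is an added illustration of the cache-poisoning class described above, written against Drupal 9/10 core APIs (CacheableMetadata, the page_cache_kill_switch service). It is not the User hash module's code and does not describe its actual flaw. The point it shows: output that depends on who the requester is must declare that dependency in its cacheability metadata, and a response that was authenticated by something other than the session cookie must be kept out of the internal page cache explicitly, because that cache decides cacheability from request policies (by default GET/HEAD with no session) and keys entries on the URL alone.

```php
<?php
// Added example, not the User hash module's own code.

use Drupal\Core\Cache\CacheableMetadata;
use Drupal\Core\PageCache\ResponsePolicy\KillSwitch;
use Drupal\Core\Session\AccountInterface;

/**
 * Weak: the render array varies by account but carries no cache metadata.
 * The render cache treats it as identical for everyone, and if the request
 * looked anonymous to the page cache (no session cookie), the first user's
 * export is stored under the URL and replayed to the next visitor.
 */
function weak_export_build(AccountInterface $account, array $rows): array {
  return [
    '#theme' => 'item_list',
    '#title' => $account->getDisplayName(),
    '#items' => $rows,
  ];
}

/**
 * Hardened: declare what the output depends on, and when the request was
 * authenticated by a credential carried in the URL, refuse page caching.
 *  - 'user' cache context: the render cache keeps one entry per account;
 *  - 'user:<id>' cache tag: editing or blocking the account, or the module
 *    saving a new hash for it, invalidates whatever was cached;
 *  - max-age 0: keeps the result out of the Dynamic Page Cache;
 *  - KillSwitch::trigger(): the documented way to stop the internal page
 *    cache (page_cache module) from storing this response at all.
 */
function hardened_export_build(AccountInterface $account, array $rows, bool $credential_in_url, KillSwitch $kill_switch): array {
  $build = [
    '#theme' => 'item_list',
    '#title' => $account->getDisplayName(),
    '#items' => $rows,
  ];

  $meta = (new CacheableMetadata())
    ->setCacheContexts(['user'])
    ->setCacheTags(['user:' . $account->id()]);

  if ($credential_in_url) {
    // Assumption for the example: the caller knows the request was
    // authenticated from the URL rather than from a session.
    $meta->setCacheMaxAge(0);
    $kill_switch->trigger();
  }

  $meta->applyTo($build);
  return $build;
}
```

In a controller the `KillSwitch` is injected as the `page_cache_kill_switch` service. Whether the hardened output is actually protected can be checked from the response headers Drupal adds in development: `X-Drupal-Cache-Contexts` should list `user`, `X-Drupal-Cache-Tags` should include `user:<id>`, and a second request for the same URL from a different account must not come back with `X-Drupal-Cache: HIT`.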

Read More

Critical and moderately critical security advisories for The Better Mega Menu module

The Better Mega Menu - Moderately critical - Cross Site Scripting, Information Disclosure, Multiple vulnerabilities - SA-CONTRIB-2021-038

Project: The Better Mega Menu
Date: 2021-September-22
Security risk: Moderately critical 12∕25
Vulnerability: Cross Site Scripting, Information Disclosure, Multiple vulnerabilities

Description

This module provides an admin interface for creating drop down menus that combine Drupal menu items with rich media content.

Read More
