Drupal

Drupal

266 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2025-3057

  • EPSS 0.03%
  • Veröffentlicht 31.03.2025 22:15:23
  • Zuletzt bearbeitet 15.04.2025 14:31:28

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Drupal core allows Cross-Site Scripting (XSS).This issue affects Drupal core: from 8.0.0 before 10.3.13, from 10.4.0 before 10.4.3, from 11.0...

5.4

CVE-2025-31675

  • EPSS 0.03%
  • Veröffentlicht 31.03.2025 22:15:20
  • Zuletzt bearbeitet 02.06.2025 16:25:25

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Drupal core allows Cross-Site Scripting (XSS).This issue affects Drupal core: from 8.0.0 before 10.3.14, from 10.4.0 before 10.4.5, from 11.0...

4.6

CVE-2025-31673

  • EPSS 0.04%
  • Veröffentlicht 31.03.2025 22:15:19
  • Zuletzt bearbeitet 02.06.2025 16:25:04

Incorrect Authorization vulnerability in Drupal Drupal core allows Forceful Browsing.This issue affects Drupal core: from 8.0.0 before 10.3.13, from 10.4.0 before 10.4.3, from 11.0.0 before 11.0.12, from 11.1.0 before 11.1.3.

7.5

CVE-2025-31674

  • EPSS 0.28%
  • Veröffentlicht 31.03.2025 22:15:19
  • Zuletzt bearbeitet 01.05.2025 14:35:58

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection.This issue affects Drupal core: from 8.0.0 before 10.3.13, from 10.4.0 before 10.4.3, from 11.0.0 before 11.0.1...

5.4

CVE-2024-12393

  • EPSS 0.4%
  • Veröffentlicht 10.12.2024 00:15:22
  • Zuletzt bearbeitet 02.06.2025 16:21:01

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Drupal Core allows Cross-Site Scripting (XSS).This issue affects Drupal Core: from 8.8.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0...

8.1

CVE-2024-55634

  • EPSS 0.17%
  • Veröffentlicht 10.12.2024 00:15:22
  • Zuletzt bearbeitet 02.06.2025 16:21:42

A vulnerability in Drupal Core allows Privilege Escalation.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8.

6.1

CVE-2024-55635

  • EPSS 0.38%
  • Veröffentlicht 10.12.2024 00:15:22
  • Zuletzt bearbeitet 02.06.2025 16:22:31

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Drupal Core allows Cross-Site Scripting (XSS).This issue affects Drupal Core: from 7.0 before 7.102.

9.8

CVE-2024-55636

  • EPSS 3.55%
  • Veröffentlicht 10.12.2024 00:15:22
  • Zuletzt bearbeitet 02.06.2025 16:23:09

Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8. Drupal core contains a chain of methods that is e...

9.8

CVE-2024-55637

  • EPSS 3.43%
  • Veröffentlicht 10.12.2024 00:15:22
  • Zuletzt bearbeitet 02.06.2025 16:23:28

Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8. Drupal core contains a chain of methods that is e...

9.8

CVE-2024-55638

  • EPSS 3.55%
  • Veröffentlicht 10.12.2024 00:15:22
  • Zuletzt bearbeitet 02.06.2025 16:23:56

Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 7.0 before 7.102, from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9. Drupal core contains a chain of methods that is explo...