FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-29 10:45:39 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
f70ab05e-be06-11eb-b983-000c294bb613drupal7 -- fix possible CSS

Drupal Security team reports:

Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. Not all sites and users are affected, but configuration changes to prevent the exploit might be impractical and will vary between sites. Therefore, we recommend all sites update to this release as soon as possible.


Discovery 2021-04-21
Entry 2021-06-06
drupal7
gt 7.0 lt 7.80

CVE-2020-13672
b51d5391-bb76-11ea-9172-4c72b94353b5drupal -- Multiple Vulnerabilities

Drupal Security Team reports:

The Drupal core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities.


Discovery 2020-06-17
Entry 2020-07-01
drupal7
< 7.72

https://www.drupal.org/sa-core-2020-004
95d9d986-1078-11eb-ab74-4c72b94353b5drupal -- Multiple Vulnerabilities

Drupal Security Team reports:

The Drupal AJAX API does not disable JSONP by default, which can lead to cross-site scripting.


Discovery 2020-09-16
Entry 2020-10-17
drupal7
< 7.72

https://www.drupal.org/sa-core-2020-007