Vulnerabilities

CVE-2019-6341

by Fred · 26/03/2019

In Drupal 7 versions prior to 7.65; Drupal 8.6 versions prior to 8.6.13;Drupal 8.5 versions prior to 8.5.14. Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) vulnerability.

Date published : 2019-03-26

https://www.drupal.org/sa-core-2019-004

https://www.synology.com/security/advisory/Synology_SA_19_13

Similar

Tags: Cybersecurity Alert