SB2018032922 - Fedora 26 update for drupal7 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018032922

SB2018032922 - Fedora 26 update for drupal7

Published: March 29, 2018 Updated: April 24, 2025

Security Bulletin ID SB2018032922
Severity
Low
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Information disclosure (CVE-ID: CVE-2017-6926)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists improper permissions controls in the comment system. A remote attacker permission to post comments can view content and comments he doesn't have access to, and is also able to add comments to this content.


2) Cross-site scripting (CVE-ID: CVE-2017-6927)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists in <VENDOR>.checkPlain() JavaScript function due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Name of vulnerable function depends on the software that includes vulnerable library, for example: Drupal.checkPlain(), or Backdrop.checkPlain().



3) Security restrictions bypass (CVE-ID: CVE-2017-6928)

The disclosed vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to improper access check for unusual site configurations when one module is trying to grant access to the file and another is trying to deny it. A remote attacker can bypass private file access.


4) Cross-site scripting (CVE-ID: CVE-2017-6929)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists in jQuery due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


5) Security restrictions bypass (CVE-ID: CVE-2017-6930)

The disclosed vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to incorrect language fallback on multilingual sites with node access restrictions. A remote attacker can bypass access.

The issue only applies to sites that a) use the Content Translation module; and b) use a node access module such as Domain Access which implement hook_node_access_records().


6) Security restrictions bypass (CVE-ID: CVE-2017-6931)

The disclosed vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to incorrect access checks. A remote attacker can bypass Settings Tray access and update certain data that they do not have the permissions for.


7) Open redirect (CVE-ID: CVE-2017-6932)

The vulnerability allows a remote attacker to perform phishing attacks.

The vulnerability exists due to open redirect. A remote attacker can use a specially crafted 'url' parameter and redirect users to malicious websites.


Remediation

Install update from vendor's website.

References