A new vulnerability was discovered: CVE-2019-6341

Question

A new vulnerability was discovered: CVE-2019-6341

Closed this issue 2 years ago · 0 comments

In Drupal 7 versions prior to 7.65; Drupal 8.6 versions prior to 8.6.13;Drupal 8.5 versions prior to 8.5.14. Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) vulnerability.

Read more at Debricked: https://app.debricked.com/en/service/vulnerability/120102