FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

drupal8 -- multiple vulnerabilities

Affected packages
drupal8 < 8.2.7


VuXML ID 2730c668-0b1c-11e7-8d52-6cf0497db129
Discovery 2017-03-15
Entry 2017-03-17

Drupal Security Team reports:

CVE-2017-6377: Editor module incorrectly checks access to inline private files

CVE-2017-6379: Some admin paths were not protected with a CSRF token

CVE-2017-6381: Remote code execution


CVE Name CVE-2017-6377
CVE Name CVE-2017-6379
CVE Name CVE-2017-6381