Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

CMS

Drupal

Drupal is an open-source platform and content management system for building dynamic web sites offering a broad range of features and services including user administration publishing workflow discussion capabilities news aggregation metadata functionalities using controlled vocabularies and XML publishing for content sharing purposes.

Official Site:

https://www.drupal.org/

Severity Summary:

Critical: 50 High: 116 Medium: 469 Low: 32
Reference
Title
Severity
CVE-2015-2749
Drupal URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium
CVE-2007-0136
Drupal Core 4.6.x Cross-Site Scripting
Medium
CVE-2015-6665
Drupal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-13663
Drupal Core 7.x Cross-Site Request Forgery
Medium
CVE-2020-13663
Drupal Core 8.x.x Cross-Site Request Forgery
Medium
CVE-2020-13663
Drupal Core 8.8.x Cross-Site Request Forgery
Medium
CVE-2020-13663
Drupal Core 8.9.0 Cross-Site Request Forgery
Medium
CVE-2020-13663
Drupal Core 9.0.0 Cross-Site Request Forgery
Medium
CVE-2020-13662
Drupal Core 7.x Open Redirect
Medium
CVE-2020-11022
Drupal Core 7.x Cross-Site Scripting
Medium
CVE-2020-13666
Drupal Core 8.x.x Multiple Cross-Site Scripting Vulnerabilities
Medium
CVE-2020-13669
Drupal Core 8.x.x Multiple Cross-Site Scripting Vulnerabilities
Medium
No CVE number
Drupal Core 9.1.x Cross-Site Scripting
Medium
CVE-2020-13672
Drupal Core 9.1.x Cross-Site Scripting
Medium
No CVE number
Drupal Core 9.2.x Cross-Site Scripting
Medium
CVE-2016-3170
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2020-11022
Drupal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2011-2714
Drupal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-33829
Drupal Core 8.x.x Cross-Site Scripting
Medium
CVE-2021-33829
Drupal Core 8.9.x Cross-Site Scripting
Medium
CVE-2021-33829
Drupal Core 9.0.x Cross-Site Scripting
Medium
CVE-2021-33829
Drupal Core 9.1.x Cross-Site Scripting
Medium
CVE-2020-13672
Drupal Core 7.x Cross-Site Scripting
Medium
CVE-2020-13672
Drupal Core 8.x.x Cross-Site Scripting
Medium
CVE-2020-13672
Drupal Core 8.9.x Cross-Site Scripting
Medium
CVE-2020-13672
Drupal Core 9.0.x Cross-Site Scripting
Medium
CVE-2010-2473
Drupal Improper Input Validation Vulnerability
Medium
CVE-2020-13688
Drupal Core 8.x.x Multiple Cross-Site Scripting Vulnerabilities
Medium
CVE-2010-2472
Drupal Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-7943
Drupal URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium