Synology-SA-19:43 Drupal
Publish Time: UTC+8
Last Updated: UTC+8
- Severity
- Moderate
- Status
- Resolved
Abstract
A vulnerability allows remote authenticated users to upload arbitrary files via a susceptible version of Drupal.
Affected Products
| Product | Severity | Fixed Release Availability |
|---|---|---|
| Drupal 8 | Moderate | Upgrade to 8.8.4-0019 or above. |
| Drupal | Moderate | Will not fix |
Mitigation
None
Detail
Reserved
Reference
Revision
| Revision | Date | Description |
|---|---|---|
| 1 | 2019-12-23 | Initial public release. |
| 2 | 2020-03-30 | Update for Drupal 8 is now available in Affected Products. |
| 3 | 2020-10-20 | Updated Fixed Release Availability for Drupal in Affected Products. |