Description

Access Bypass vulnerability in Drupal Core allows for an attacker to leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6.

Remediation

References

CVE-2020-13668

Related Vulnerabilities

MediaWiki CVE-2023-36674 Vulnerability (CVE-2023-36674)

WordPress Plugin Link Juice Keeper Cross-Site Scripting (2.0.2)

WordPress Plugin LionScripts:IP Blocker Lite Cross-Site Request Forgery (10.3)

MongoDb Integer Overflow or Wraparound Vulnerability (CVE-2019-2392)

WordPress Plugin Duplicator-WordPress Migration Remote Code Execution (1.2.40)

Severity

Medium

Classification

CVE-2020-13668 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities