CVE-2018-25002
N/A
N/A
Summary
uploader.php in the KCFinder integration project through 2018-06-01 for Drupal mishandles validation, aka SA-CONTRIB-2018-024. NOTE: This project is not covered by Drupal's security advisory policy.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.drupal.org/sa-contrib-2018-024
- https://www.drupal.org/project/kcfinder/issues/1768720
- https://www.drupal.org/project/kcfinder/issues/1768718
References
- https://www.drupal.org/sa-contrib-2018-024
- https://www.drupal.org/project/kcfinder/issues/1768720
- https://www.drupal.org/project/kcfinder/issues/1768718
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.