Drupal — Vulnerabilities & Security Advisories 295

Browse all 295 CVE security advisories affecting Drupal. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Published
CVE-2020-13688	Drupal Core 跨站脚本漏洞 — Drupal Core	6.1	-	2021-06-11
CVE-2020-13663	Drupal 跨站请求伪造漏洞 — Drupal Core	8.8	-	2021-06-11
CVE-2020-13667	Drupal 安全漏洞 — Drupal Core	7.5	-	2021-05-17
CVE-2020-13664	Drupal 命令注入漏洞 — Drupal Core	8.8	-	2021-05-05
CVE-2020-13662	IBM API Connect 输入验证错误漏洞 — Drupal Core	6.1	-	2021-05-05
CVE-2020-13665	Drupal 安全漏洞 — Drupal Core	9.8	-	2021-05-05
CVE-2020-13666	Drupal 跨站脚本漏洞 — Drupal Core	6.1	-	2021-05-05
CVE-2020-13671	Drupal core 代码问题漏洞 — Drupal Core	8.8	-	2020-11-20
CVE-2019-6342	Drupal core - Critical - Access bypass - SA-CORE-2019-008 — Drupal Core	7.5	-	2020-05-28
CVE-2011-2715	Drupal Data SQL注入漏洞 — Data-module	9.8	-	2020-01-14
CVE-2011-2714	Drupal Data 跨站脚本漏洞 — Data-module	6.1	-	2020-01-14
CVE-2010-2471	Drupal 输入验证错误漏洞 — drupal6	6.1	-	2019-11-06
CVE-2019-6341	Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2019-004 — Drupal core	5.4	-	2019-03-26
CVE-2019-6340	Drupal core - Highly critical - Remote Code Execution — Drupal Core	8.1	-	2019-02-21
CVE-2017-6923	Access bypass in Drupal 8 views — Drupal core	6.5	-	2019-01-22
CVE-2017-6922	Files uploaded by anonymous users into a private file system can be accessed by other anonymous users — Drupal Core	7.5	-	2019-01-22
CVE-2019-6338	third-party PEAR Archive_Tar library updates — Drupal core	8.0	-	2019-01-22
CVE-2019-6339	PHAR stream wrapper Arbitrary PHP code execution — Drupal core	9.8	-	2019-01-22
CVE-2017-6921	File REST resource does not properly validate — Drupal Core	7.4	-	2019-01-15
CVE-2018-7603	Search Autocomplete — 3rd party module - Search Autocomplete	6.1	-	2019-01-15
CVE-2017-6924	REST API can bypass comment approval - Access Bypass - Moderately Critical — Drupal Core	7.4	-	2019-01-15
CVE-2018-7602	Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-004 — core	9.8	-	2018-07-19
CVE-2017-6377	Drupal 安全漏洞 — Drupal Core	9.1	-	2017-03-16
CVE-2017-6379	Drupal 跨站请求伪造漏洞 — Drupal Core	7.5	-	2017-03-16
CVE-2017-6381	Drupal 安全漏洞 — Drupal Core	8.1	-	2017-03-16

This page lists every published CVE security advisory associated with Drupal. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Drupal — Vulnerabilities & Security Advisories 295