The AltaGrade Blog

Project: Entity Embed
Date: 2021-September-15
Security risk: Moderately critical 11∕25
Vulnerability: Cross Site Request Forgery
CVE IDs: CVE-2020-13673

Description

This advisory addresses a similar issue to Drupal core - Moderately critical - Cross Site Request Forgery - SA-CORE-2021-006.

WordPress 5.8.1 is now available!

This security and maintenance release features 60 bug fixes in addition to 3 security fixes. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 5.4 have also been updated.

Project: Admin Toolbar
Date: 2021-August-25
Security risk: Moderately critical 13∕25
Vulnerability: Cross Site Scripting, Access Bypass

Description

The Admin Toolbar (admin_toolbar) module extends the default toolbar provided by Drupal Core with various features facilitating day-to-day editorial and administrative work.

The Admin Toolbar Search sub-module of this module

I was recently setting up my local development environment for a new Drupal 9 project and despite abundance of documentation, couldn't get the Devel and Kint properly working at once. And because most of tutorials found online on the subject turned out to be buggy, outdated and/or obsolete, for posterity reasons I decided to log the installation steps that worked for me.

But first, let's get to definitions of both development modules.