Nick Onom's picture

Nick

 Marketing Project Manager

Aug 15, 2019
Add comment

Super Login - Moderately critical - Cross site scripting - SA-CONTRIB-2019-062

Super Login - Moderately critical - Cross site scripting - SA-CONTRIB-2019-062

Project: Super Login
Date: 2019-August-14
Security risk: Moderately critical 13∕25
Vulnerability: Cross site scripting

Description

This module improves the Drupal login page with the new features and layout.

The module doesn't sufficiently filter input text in the administration pages text configuration inputs. For example, the login text field.

The vulnerability is mitigated by the fact it can only be exploited by a user with the "Administer super login" permission.

Solution

Install the latest version:

If you use the Super Login module for Drupal 8.x, upgrade to Super Login 8.x-1.3
If you use the Super Login module for Drupal 7.x, upgrade to Super Login 7.x-1.4

Also see the Super Login project page.

Nick Onom's picture
Nick Onom
Marketing Project Manager
Enthusiastic about all kinds of Open Source applications, AI, bitcoins, but mostly Drupal and Backdrop. For last years has been actively developing AltaGrade's new back-end system.
Drupal · Security

We value your opinion. Please add your feedback.

Get Started or Contact Us