The AltaGrade Blog

Simple AMP (Accelerated Mobile Pages) - Moderately critical - Access bypass - SA-CONTRIB-2019-071

Simple AMP (Accelerated Mobile Pages) - Moderately critical - Access bypass - SA-CONTRIB-2019-071

Project: Simple AMP (Accelerated Mobile Pages)
Date: 2019-October-02
Security risk: Moderately critical 13∕25 
Vulnerability: Access bypass

Description

This module allows display of a site's content in AMP format.

The module doesn't sufficiently check access on unpublished or restricted content.

Solution

Install the latest version of the module.

Read More

Gutenberg - Critical - Access bypass - SA-CONTRIB-2019-069

Gutenberg - Critical - Access bypass - SA-CONTRIB-2019-069

Project: Gutenberg
Date: 2019-September-25
Security risk: Critical 16∕25 
Vulnerability: Access bypass

Description

This module provides a new UI experience for node editing - Gutenberg editor.

The routes used by the Gutenberg editor lack proper permissions allowing untrusted users to view and modify some content they should not be able to view or modify.

Solution

Install the latest version:

Read More

Permissions by Term - Moderately critical - Access bypass - SA-CONTRIB-2019-068

Permissions by Term - Moderately critical - Access bypass - SA-CONTRIB-2019-068

Project: Permissions by Term
Version: 8.x-1.x-dev
Date: 2019-September-25
Security risk: Moderately critical 14∕25
Vulnerability: Access bypass

Description

This module enables you to control access to content based on taxonomy terms. The module doesn't sufficiently check if a given entity should be access controlled, defaulting to allowing access even to unpublished nodes.

The vulnerability is mitigated by the fact that the submodule Permissions by Entity must also be enabled.

Solution

Install the latest version:

Read More

TableField - Moderately critical - Access bypass - SA-CONTRIB-2019-067

Project: TableField
Version: 8.x-2.x-dev
Date: 2019-September-18
Security risk: Moderately critical 12∕25 
Vulnerability: Access bypass

Description

This module allows you to attach tabular data to an entity.

There is insufficient access checking for users with the ability to "Export Tablefield Data as CSV". They can export data from unpublished nodes or otherwise inaccessible entities.

Read More

WordPress 5.2.3 Security and Maintenance Release

WordPress 5.2.3 Security and Maintenance Release

WordPress 5.2.3 is now available! This security and maintenance release features 29 fixes and enhancements. Plus, it adds a number of security fixes—see the list below.

These bugs affect WordPress versions 5.2.2 and earlier; version 5.2.3 fixes them, so you’ll want to upgrade.

If you haven’t yet updated to 5.2, there are also updated versions of 5.0 and earlier that fix the bugs for you.

Security Updates

Read More

Imagecache External - Critical - Insecure session token management - SA-CONTRIB-2019-065

Imagecache External - Critical - Insecure session token management - SA-CONTRIB-2019-065

Project: Imagecache External
Date: 2019-August-21
Security risk: Critical 15∕25 
Vulnerability: Insecure session token management

Description

This module that allows you to store external images on your server and apply your own Image Styles.

The module exposes cookies to external sites when making external image requests.

This vulnerability is mitigated by using the whitelisted host feature to restrict external image requests from trusted sources.

Read More

Super Login - Moderately critical - Cross site scripting - SA-CONTRIB-2019-062

Super Login - Moderately critical - Cross site scripting - SA-CONTRIB-2019-062

Project: Super Login
Date: 2019-August-14
Security risk: Moderately critical 13∕25
Vulnerability: Cross site scripting

Description

This module improves the Drupal login page with the new features and layout.

The module doesn't sufficiently filter input text in the administration pages text configuration inputs. For example, the login text field.

The vulnerability is mitigated by the fact it can only be exploited by a user with the "Administer super login" permission.

Read More

scroll to top - Moderately critical - Cross site scripting - SA-CONTRIB-2019-061

scroll to top - Moderately critical - Cross site scripting - SA-CONTRIB-2019-061

Project: scroll to top
Date: 2019-August-14
Security risk: Moderately critical 13∕25
Vulnerability: Cross site scripting

Description

The Scroll To Top module enables you to have an animated scroll to top link in the bottom of the node.

The module does not sufficiently filter configuration text leading to a Cross Site Scripting (XSS) vulnerability.

This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer scroll to top".

Read More

Forms Steps - Critical - Access bypass - SA-CONTRIB-2019-064

Forms Steps - Critical - Access bypass - SA-CONTRIB-2019-064

Project: Forms Steps
Date: 2019-August-14
Security risk:  Critical 16∕25 
Vulnerability: Access bypass

Description

Forms Steps provides an UI to create form workflows using form modes. It creates quick and configurable multisteps forms.

The module doesn't sufficiently check user permissions to access its workflows entities that allows to see any entities that have been created through the different steps of its multistep forms.

Read More

Pages