The Drupal security team announced on February 16th, 2022, the moderately critical information disclosure vulnerability in Drupal Core, SA-CORE-2022-004.
Drupal security team announced on February 16th, 2022, the moderately critical improper input validation vulnerability in Drupal Core, SA-CORE-2022-003.
Drupal Security Team announced a Cross-Site Scripting (XSS) vulnerability SA-CONTRIB-2022-024 that has low criticality index in the Custom Breadcrumbs Module on February 9th, 2022.
Drupal Security team announces a moderately critical access bypass vulnerability SA-CONTRIB-2022-023 in the Fancy File Delete Module on February 9th 2022.
On January 25th, a whole list of security advisories for contributed module projects was posted by the Drupal Security team that are classified as Critical but Unsupported vulnerabilities. Read to find which ones!
The Drupal Security Team announced a moderately critical Cross-site Scripting-SA-CONTRIB-2022-011 Vulnerability in Navbar module in Drupal 7on January 25th, 2022.
Critical Access bypass, Information Disclosure, and Multiple Vulnerabilities in the Private Taxonomy Terms module SA-CONTRIB-2022-014 was announced on January 26th, 2022