Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-mg8j-w93w-xjgc: Drupal Full Path Disclosure

core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist.

ghsa
#git#php#auth

Drupal Full Path Disclosure

Low severity GitHub Reviewed Published Aug 29, 2024 to the GitHub Advisory Database • Updated Aug 29, 2024

ghsa: Latest News

GHSA-qqwr-j9mm-fhw6: deno_doc's HTML generator vulnerable to Cross-site Scripting