TTCSIRT-174.102218: TT-CSIRT Advisory – Drupal Security Updates
Drupal has released a security update stating that the following vulnerabilities have been discovered in the Drupal Core Module:
a) Content Moderation fails, in certain circumstances, to check user access to certain transitions, which results in an access bypass.
b) External URL injection through URL Aliases allows for open redirect.
c) Anonymous Open Redirect takes place if a user clicks on a specially crafted URL using the destination query string.
d) Injection in DefaultMailSystem::mail() due to variables not being sanitized for shell arguments allows for remote code execution.
e) The Contextual Links module does not sufficiently validate requested contextual links, which leads to remote code execution.
Further information on these vulnerabilities and how they can be mitigated can be found on the Drupal website at https://www.drupal.org/sa-core-2018-006