FLAT-FM0NQ (CVE-2026-9082)
SQL injection - Code In drupal/core
8.1
High
Ecosystem: Packagist
Package: drupal/core
FLAT-33TTF (CVE-2026-6367)
Server side cross-site scripting In drupal/core
1.2
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-XN5C0 (CVE-2026-6366)
Insecure deserialization In drupal/core
1.7
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-L4IM0 (CVE-2026-6365)
Reflected cross-site scripting (XSS) In drupal/core
1.3
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-V44ZN (CVE-2025-13082)
Clickjacking In drupal/core
2.1
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-NZ26R (CVE-2025-13083)
Cached form fields In drupal/core
1.7
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-3LC8R (CVE-2025-13080)
Asymmetric denial of service In drupal/core
2.7
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-AH89N (CVE-2025-13081)
Insecure deserialization In drupal/core
4.5
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-WYFWW (CVE-2025-3057)
Reflected cross-site scripting (XSS) In drupal/core
1.2
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-TREFN (CVE-2025-31675)
Reflected cross-site scripting (XSS) In drupal/core
1.3
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-T7Y64 (CVE-2025-31674)
Authentication mechanism absence or evasion In drupal/core
4.5
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-MXYZ8 (CVE-2025-31673)
Authentication mechanism absence or evasion In drupal/core
1.3
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-JG9AX (CVE-2024-55637)
Authentication mechanism absence or evasion In drupal/core-recommended
4.8
Medium
Ecosystem: Packagist
Package: drupal/core-recommended
FLAT-F3Y34 (CVE-2024-55636)
Authentication mechanism absence or evasion In drupal/core-recommended
0.6
Low
Ecosystem: Packagist
Package: drupal/core-recommended
FLAT-O78IJ (CVE-2024-12393)
Reflected cross-site scripting (XSS) In drupal/core-recommended
1.3
Low
Ecosystem: Packagist
Package: drupal/core-recommended
FLAT-71VWG (CVE-2024-11942)
Asymmetric denial of service In drupal/core
2.4
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-YO5A6 (CVE-2024-11941)
Inappropriate coding practices In drupal/core
6.6
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-V7JNV (GHSA-vfgc-c76h-mwh4)
Server side cross-site scripting In drupal/core
2.3
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-1X1JF (GHSA-gxxj-g9v8-w28p)
Server side template injection In drupal/core
6.3
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-A3YIL (GHSA-6gf6-24h2-66j4)
Uncontrolled external site redirect In drupal/core
1.3
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-E5SFT (GHSA-v273-j5hq-26xp)
Server side cross-site scripting In drupal/core
0.6
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-RRHTR (GHSA-98h9-727m-44qv)
Dependency Confusion In drupal/core
6.2
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-I73N0 (GHSA-mh4h-27gq-cxwj)
Improper authorization control for web services In drupal/core
1.3
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-EVPQX (GHSA-7gwj-7fhm-vw4w)
Insecure file upload In drupal/core
3.8
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-5ACT5 (GHSA-pr99-c33p-fwf6)
Race condition In drupal/core
2.7
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-Z59VW (GHSA-7v68-3pr5-h3cr)
Lack of data validation In drupal/core
0.6
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-49C5Z (GHSA-6mgp-v5cm-ghg5)
Server side template injection In drupal/core
2.7
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-L1QRW (GHSA-gfvf-2f25-f34r)
Uncontrolled external site redirect In drupal/core
2.7
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-4DYMK (GHSA-7f4f-p7mq-p4fv)
Uncontrolled external site redirect In drupal/core
1.2
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-VNUCL (GHSA-f84q-mgj9-8jfc)
Improper authorization control for web services In drupal/core
2.7
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-2G4GF (GHSA-6ccv-8fgf-cjpw)
Asymmetric denial of service In drupal/core
6.6
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-KB36E (CVE-2024-22362)
Asymmetric denial of service In drupal/core
6.6
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-RFAN4 (CVE-2023-5256)
Enabled default configuration In drupal/core
2.7
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-SZXI4 (CVE-2023-31250)
Improper authorization control for web services In drupal/core
4.9
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-DZH17 (CVE-2022-25276)
Reflected cross-site scripting (XSS) In drupal/core
1.3
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-75ZOU (CVE-2022-25274)
Authentication mechanism absence or evasion In drupal/core
1.3
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-QA1H6 (CVE-2022-25273)
Lack of data validation In drupal/core
6.6
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-UV93Q (DRUPAL-CORE-2023-004)
Reflected cross-site scripting (XSS) In drupal/core
1.3
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-J641O (DRUPAL-CORE-2023-003)
Enabled default configuration In drupal/core
1.7
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-PW7RF (DRUPAL-CORE-2023-002)
Unauthorized access to screen In drupal/core
1.3
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-1DW3E (DRUPAL-CORE-2023-001)
Improper authorization control for web services In drupal/core
0.5
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-6NE9V (CVE-2022-31042)
Sensitive information sent insecurely In drupal/core
6.6
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-NMMGX (CVE-2020-13688)
Reflected cross-site scripting (XSS) In drupal/core
1.3
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-674I6 (CVE-2020-13667)
Excessive privileges In drupal/core
1.7
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-1C213 (CVE-2020-13665)
Authentication mechanism absence or evasion In drupal/core
8.1
High
Ecosystem: Packagist
Package: drupal/core
FLAT-8137N (CVE-2011-2687)
Improper authorization control for web services In drupal/core
2.7
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-OBSYZ (CVE-2016-3168)
Server-side request forgery (SSRF) In drupal/core
5.8
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-BKBGQ (CVE-2016-3163)
Lack of protection against brute force attacks In drupal/core
6.6
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-VZ5K3 (CVE-2016-3167)
Uncontrolled external site redirect In drupal/core
5.7
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-8H1TD (CVE-2016-3162)
Improper authorization control for web services In drupal/core
6.2
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-E4JK2 (CVE-2016-3171)
Server side template injection In drupal/core
7.2
High
Ecosystem: Packagist
Package: drupal/core
FLAT-HSZRC (CVE-2016-7570)
Excessive privileges In drupal/core
1.3
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-IT77V (CVE-2016-7572)
Improper authorization control for web services In drupal/core
1.3
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-KLJSC (CVE-2017-6379)
Cross-site request forgery In drupal/core
5.2
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-2QXU6 (CVE-2017-6927)
Reflected cross-site scripting (XSS) In drupal/core
1.3
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-3HZSS (CVE-2017-6926)
Enabled default configuration In drupal/core
6.2
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-JTLQA (CVE-2017-6920)
Server side template injection In drupal/core
8.1
High
Ecosystem: Packagist
Package: drupal/core
FLAT-C1BU9 (CVE-2017-6919)
Improper authorization control for web services In drupal/core
5.2
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-CZ6X6 (CVE-2017-6931)
Insecure file upload In drupal/core
4.9
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-FUXPB (CVE-2017-6928)
Improper authorization control for web services In drupal/core
2.3
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-19KYX (CVE-2017-6925)
Excessive privileges In drupal/core
8.1
High
Ecosystem: Packagist
Package: drupal/core
FLAT-WPGXU (CVE-2017-6930)
Improper authorization control for web services In drupal/core
7.2
High
Ecosystem: Packagist
Package: drupal/core
FLAT-VU2F2 (CVE-2017-6381)
Dependency Confusion In drupal/core
7.2
High
Ecosystem: Packagist
Package: drupal/core
FLAT-4Y1JL (CVE-2017-6377)
Authentication mechanism absence or evasion In drupal/core
6.6
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-AA9OV (CVE-2011-2715)
SQL injection - Code In drupal/core
8.1
High
Ecosystem: Packagist
Package: drupal/core
FLAT-Z8C1F (CVE-2011-2714)
Server side cross-site scripting In drupal/core
1.3
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-0HK2W (CVE-2022-25271)
Lack of data validation In drupal/core
6.6
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-9K9K6 (CVE-2022-25270)
Authentication mechanism absence or evasion In drupal/core
4.9
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-VRHH2 (DRUPAL-CORE-2022-001)
Reflected cross-site scripting (XSS) In drupal/core
0.6
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-YXD7Q (DRUPAL-CORE-2021-011)
Reflected cross-site scripting (XSS) In drupal/core
4.0
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-JC373 (CVE-2019-11831)
Lack of data validation - Path Traversal In drupal/core
8.1
High
Ecosystem: Packagist
Package: drupal/core
FLAT-8RJXT (DRUPAL-CORE-2021-005)
Server side cross-site scripting In drupal/core
4.0
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-URZ4V (DRUPAL-CORE-2021-001)
Insecure file upload In drupal/core
0.6
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-M2NT2 (CVE-2020-13665 )
Improper authorization control for web services In drupal/core
1.7
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-JZWS2 (CVE-2019-6342)
Lack of data validation In drupal/core
8.1
High
Ecosystem: Packagist
Package: drupal/core
FLAT-JQLBD (DRUPAL-CORE-2020-002)
Reflected cross-site scripting (XSS) In drupal/core
0.6
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-MBCP4 (DRUPAL-CORE-2020-001)
Server side cross-site scripting In drupal/core
3.8
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-7FWHV (DRUPAL-CORE-2019-012)
Insecure file upload In drupal/core
0.6
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-3JCSJ (DRUPAL-CORE-2019-011)
Improper authorization control for web services In drupal/core
1.7
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-Q2PAQ (DRUPAL-CORE-2019-010)
Insecure file upload In drupal/core
4.1
Medium
Ecosystem: Packagist
Package: drupal/core
FLAT-TA6GX (DRUPAL-CORE-2019-009)
Missing subresource integrity check In drupal/core
2.7
Low
Ecosystem: Packagist
Package: drupal/core
FLAT-E1JG0 (DRUPAL-CORE-2019-005)
Lack of data validation In drupal/core
8.1
High
Ecosystem: Packagist
Package: drupal/core
FLAT-AFZJ7 (DRUPAL-CORE-2018-001)
Reflected cross-site scripting (XSS) In drupal/core
0.6
Low
Ecosystem: Packagist
Package: drupal/core