Security Advisory

CVE-2017-6377

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-03-16 14:00:00

Last updated 2024-08-05 15:25:49

Assigner drupal

State PUBLISHED

Description

When adding a private file via the editor in Drupal 8.2.x before 8.2.7, the editor will not correctly check access for the file being attached, resulting in an access bypass.

← Browse all CVEs View on cve.org ↗