This module enables you to expose Drupal entities as RESTful web services. It provides a machine-readable interface to exchange resources in JSON, XML and RDF.
The RESTWS Basic Auth submodule doesn’t sufficiently disable page caching for authenticated requests, thereby leaking potentially confidential data to unauthorized users.
This vulnerability is mitigated by the fact that the RESTWS Basic Auth submodule must be enabled, page caching must be enabled and permissions for a resource containing sensitive data must be enabled (for example the User resource).
CVE identifier(s) issued
A CVE identifier will be requested, and added upon issuance, in accordance
with Drupal Security Team processes.
Versions affected
RESTWS 7.x-1.x versions prior to 7.x-1.5.
RESTWS 7.x-2.x versions prior to 7.x-2.3.
Drupal core is not affected. If you do not use the contributed RESTful Web Services module,
there is nothing you need to do.
In a talk Monday, Christofer Hoff stressed that in security and martial arts alike, it’s hard to be a skilled defender if you don’t understand how your adversaries pull off the attacks.
PHP Code Execution in jui_filter_rules Parsing Library
======================================================
Researcher: Timo Schmid <tschmid () ernw de>
Description
===========
jui_filter_rules[1] is a jQuery plugin which allows users to generate a
ruleset which could be used to filter datasets inside a web application.
The plugin also provides a PHP library to turn the user submitted
ruleset into SQL where statements for server side…
Versions Affected
=================
All versions between 0.85 and 0.85.2
Description
===========
When a user wants to create a new ticket, they have the possibility to add
an attachment. If, for example, they want to add a file named “test.php”,
with or without adding the ticket, the file will be temporarily uploaded
to…
Navigate is a customizable navigation bar for Drupal.
The module doesn’t sufficiently sanitize user input when displaying the Navigate bar.
Because the vulnerability is a reflected cross-site scripting (XSS) issue, the only mitigating factor is that the victim must be tricked into visiting a specially crafted malicious URL.
CVE identifier(s) issued
A CVE identifier will be requested, and added upon issuance, in accordance
with Drupal Security Team processes.
Versions affected
Navigate 6.x-1.x versions prior to 6.x-1.1.
Navigate 7.x-1.x versions prior to 7.x-1.1.
Drupal core is not affected. If you do not use the contributed Navigate module,
there is nothing you need to do.
Solution
Install the latest version:
If you use the Navigate module for Drupal 6.x, upgrade to Navigate 6.x-1.1
If you use the Navigate module for Drupal 7.x, upgrade to Navigate 7.x-1.1
Avatar Uploader module provides an alternative way to upload user pictures.
The module doesn’t sufficiently enforce file extensions when an avatar is uploaded, allowing users to bypass Drupal’s normal file upload protections and place malicious HTML or executable code on the server.