it-securitynotifies AT lists.piratenpartei.de
Subject: Security announcements
List archive
[IT-SecNots] [Security-news] Brilliant Gallery - Highly critical - Multiple Vulnerabilities - SA-CONTRIB-2017-079
- From: security-news AT drupal.org
- To: security-news AT drupal.org
- Subject: [IT-SecNots] [Security-news] Brilliant Gallery - Highly critical - Multiple Vulnerabilities - SA-CONTRIB-2017-079
- Date: Wed, 25 Oct 2017 16:42:33 +0000 (UTC)
- List-archive: <http://lists.drupal.org/pipermail/security-news/>
- List-id: <security-news.drupal.org>
View online: https://www.drupal.org/sa-contrib-2017-079
Project: Brilliant Gallery [1]
Version: 7.x-1.x-dev
Date: 2017-October-25
Security risk: *Highly critical* 20/25
AC:Basic/A:None/CI:All/II:All/E:Theoretical/TD:All [2]
Vulnerability: Multiple Vulnerabilities
Description:
This module enables you to display any number of galleries based on images
located in the files folder.
The module doesn't sufficiently sanitize various database queries which may
allow attackers to craft requests resulting in an SQL injection
vulnerability. This vulnerability could be exploited even by anonymous users
and could potentially allow them to take over the site.
The module doesn't sufficiently confirm a user's intent to save checklist
data, which allows for a cross-site request forgery (CSRF) exploit to be
executed by unprivileged users.
Some configuration fields are not filtered while rendered, resulting in a
cross-site scripting (XSS) vulnerability. This vulnerability is mitigated by
the fact that an attacker must have a role with the permission "Administer
Brilliant Gallery".
Solution:
Install the latest version:
* If you use the Brilliant Gallery module for Drupal 7, upgrade to Brilliant
Gallery 7.x-1.10 [3]
Reported By:
* Jean-François Hovinne [4]
Fixed By:
* Tomas Fulopp [5], the module maintainer
Coordinated By:
* Greg Knaddison [6] of the Drupal Security Team
[1] https://www.drupal.org/project/brilliant_gallery
[2] https://www.drupal.org/security-team/risk-levels
[3] https://www.drupal.org/project/brilliant_gallery/releases/7.x-1.10
[4] https://www.drupal.org/u/jfhovinne
[5] https://www.drupal.org/u/vacilando
[6] https://www.drupal.org/u/greggles
_______________________________________________
Security-news mailing list
Security-news AT drupal.org
Unsubscribe at https://lists.drupal.org/mailman/listinfo/security-news
Archive provided by MHonArc 2.6.19.