1 min read

Moderately Critical XSS Vulnerability in Navbar in Drupal 7

The Drupal Security Team announced a moderately critical Cross-site Scripting-SA-CONTRIB-2022-011 Vulnerability in Navbar module in Drupal 7on January 25th, 2022.

The Navbar module provides a simple, mobile-friendly navigation toolbar but doesn’t sufficiently check for user-provided input.

This vulnerability is mitigated by the fact that an attacker must have the ability to post content using a text format (like the default "Filtered HTML" format) that won't filter out the exploit code.

Solution:

If you use the Navbar module for Drupal 7.x, upgrade to Navbar 7.x-1.8

Source: https://www.drupal.org/sa-contrib-2022-011

You May Like
Blog
Growing Together in the Drupal Land: The 'Learn Drupal' Initiative

Growing Together in the Drupal Land: The 'Learn Drupal' Initiative
Blog
Growing Together in the Drupal Land: The 'Learn Drupal' Initiative

Growing Together in the Drupal Land: The 'Learn Drupal' Initiative

ASK: Drupal Community Needs Your Support

View all →
XSS
Drupal 7
Security Update

Note: The vision of this web portal is to help promote news and stories around the Drupal community and promote and celebrate the people and organizations in the community. We strive to create and distribute our content based on these content policy. If you see any omission/variation on this please reach out to us at #thedroptimes channel on Drupal Slack and we will try to address the issue as best we can.

You may also like

You May Like
Blog
Way to Lille: How TDT Remotely Covered DrupalCon Lille 2023

Way to Lille: How TDT Remotely Covered DrupalCon Lille 2023
Build site with Drupal

Featured

Latest News

Upcoming Events

View All Events

Latest Opportunities