1 min read

Moderately Critical Context Module Security Update

Unsplash

This module enables you to conditionally display blocks in particular theme regions.

The module doesn't sufficiently sanitize the title of a block as displayed in the admin UI when a site administrator edits a context block reaction.

According to Drupal.org this vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer blocks".

Solution: 
Install the latest version:

If you use the Context module for Drupal 7.x, upgrade to Context 7.x-3.11.

Source:

Context - Moderately critical - Cross Site Scripting - SA-CONTRIB-2022-049
You May Like
Interview
How Drupal Plans to Beat Commercial CMS Platforms with AI-First Approach

How Drupal Plans to Beat Commercial CMS Platforms with AI-First Approach
Interview
How Drupal Plans to Beat Commercial CMS Platforms with AI-First Approach

How Drupal Plans to Beat Commercial CMS Platforms with AI-First Approach

ASK: Drupal Community Needs Your Support

View all →
Security Update
Security Updates
Drupal Security Team

Note: The vision of this web portal is to help promote news and stories around the Drupal community and promote and celebrate the people and organizations in the community. We strive to create and distribute our content based on these content policy. If you see any omission/variation on this please reach out to us at #thedroptimes channel on Drupal Slack and we will try to address the issue as best we can.

You may also like

You May Like
Article
Discover Leading Drupal Websites and Real-World Use Cases on 'TDT Discover'

Discover Leading Drupal Websites and Real-World Use Cases on 'TDT Discover'
Build site with Drupal

Featured

Latest News

Upcoming Events

View All Events

Latest Opportunities