uploader.php in the KCFinder integration project through 2018-06-01 for Drupal mishandles validation, aka SA-CONTRIB-2018-024. NOTE: This project is not covered by Drupal's security advisory policy.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-12-31T23:27:52

Updated: 2024-08-05T12:26:39.587Z

Reserved: 2020-12-31T00:00:00

Link: CVE-2018-25002

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-01-01T01:15:12.900

Modified: 2024-11-21T04:03:20.253

Link: CVE-2018-25002

cve-icon Redhat

No data.