AVG-744 log

Package drupal
Status Fixed
Severity Medium
Type access restriction bypass
Affected 8.5.5-1
Fixed 8.5.6-1
Current 10.2.4-1 [extra]
Ticket None
Created Thu Aug 2 15:52:00 2018
Issue Severity Remote Type Description
CVE-2018-14773 Medium Yes Access restriction bypass
Support for a (legacy) IIS header that lets users override the path in the request URL via the X-Original-URL or X-Rewrite-URL HTTP request header allows a...