CVE-2016-9450 log

Severity Low
Remote Yes
Type Content spoofing
The user password reset form does not specify a proper cache context, which can lead to cache poisoning and unwanted content on the page.
Group Package Affected Fixed Severity Status Ticket
AVG-74 drupal 8.2.2-1 8.2.3-1 Medium Fixed
Date Advisory Group Package Severity Type
19 Nov 2016 ASA-201611-20 AVG-74 drupal Medium multiple issues