CVE-2020-13672 - log back

CVE-2020-13672 edited at 27 Apr 2021 23:07:46
Severity
- Unknown
+ Critical
Remote
- Unknown
+ Remote
Type
- Unknown
+ Cross-site scripting
Description
+ Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. The issue is fixed in Drupal versions 9.1.7, 9.0.12, 8.9.14 and 7.80.
References
+ https://www.drupal.org/sa-core-2021-002
+ https://github.com/drupal/drupal/commit/0d8712d87216b3dfccc511cff3cf2f753620a5ee
CVE-2020-13672 created at 27 Apr 2021 23:04:37
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes