---

CVE-2020-13673 - log back

CVE-2020-13673 edited at 21 Sep 2021 11:35:29
Severity	- Unknown + High
Remote	- Unknown + Remote
Type	- Unknown + Cross-site scripting
Description	+ The Drupal core Media module allows embedding internal and external media in content fields. In certain circumstances, the filter could allow an unprivileged user to inject HTML into a page when it is accessed by a trusted user with permission to embed media. In some cases, this could lead to cross-site scripting.
References	+ https://www.drupal.org/sa-core-2021-006
Notes

CVE-2020-13673 created at 21 Sep 2021 11:34:35