From security em unicamp.br Thu Dec 9 09:08:27 2021
From: security em unicamp.br (CSIRT Unicamp)
Date: Thu, 9 Dec 2021 09:08:27 -0300
Subject: [SECURITY-L] [Security-news] Search API Pages - Critical - Cross Site Scripting - SA-CONTRIB-2021-046
Message-ID:

View online: https://www.drupal.org/sa-contrib-2021-046

Project: Search API Pages [1]
Date: 2021-December-08
Security risk: *Critical* 16/25 AC:None/A:None/CI:Some/II:Some/E:Theoretical/TD:Uncommon [2]
Vulnerability: Cross Site Scripting

Description:

This module enables you to create simple search pages based on Search API without the use of Views.

The module doesn't sufficiently escape all variables provided for custom templates.

This vulnerability is mitigated by the fact that the default template provided by the module is not affected.

Solution:

Install the latest version:

* If you use the Search API Pages module for Drupal 7.x, upgrade to Search API Pages 7.x-1.6 [3]

Reported By:

* Duncan Davidson [4]

Fixed By:

* Damien McKenna [5] of the Drupal Security Team
* Duncan Davidson [6]
* Thomas Seidl [7]
* Joris Vercammen [8]

===
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - Unicamp
Centro de Computacao - CCUEC
GnuPG Public Key: http://www.security.unicamp.br/security.asc
Contact: +55 19 3521-2289 or INOC-DBA: 1251*830


From security em unicamp.br Thu Dec 9 09:09:39 2021
From: security em unicamp.br (CSIRT Unicamp)
Date: Thu, 9 Dec 2021 09:09:39 -0300
Subject: [SECURITY-L] [Security-news] Webform - Critical - Cross Site Scripting, Access Bypass - SA-CONTRIB-2021-045
Message-ID:

View online: https://www.drupal.org/sa-contrib-2021-045

Project: Webform [1]
Date: 2021-December-08
Security risk: *Critical* 16/25 AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:All [2]
Vulnerability: Cross Site Scripting, Access Bypass

Description:

.... Access Bypass:

This module enables you to build forms and surveys in Drupal.

The module doesn't sufficiently check access for administrative features for webforms attached to nodes using the Webform Node module. This may reveal submitted data or allow an attacker to modify submitted data.

There is no mitigation for this vulnerability. If you have the Webform Node module enabled you must update the Webform module.

.... Cross Site Scripting:

The Webform module enables site builders to create forms and surveys.

The Webform module doesn't sufficiently filter HTML when an element's 'Help title' and an 'Image Select' element's image text contain specially crafted malicious text.

This vulnerability is mitigated by the fact that an attacker must be able to create or edit webforms.

Solution:

Install the latest version:

* If you use the Webform module for Drupal 9.x, upgrade to Webform 6.1.2 [3] or Webform 6.0.6 [4]
* If you use the Webform module version 8.x-5.x it is affected by this issue and is unsupported. You should upgrade to Webform 6.

Reported By:

.... Access Bypass:

* Adam P [5]
* Madelyn Cruz [6]

.... Cross Site Scripting:

* Rohit Tiwari [7]

Fixed By:

.... Access Bypass:

* Chris McCafferty [8] of the Drupal Security Team
* Greg Knaddison [9] of the Drupal Security Team
* Jacob Rockowitz [10]
* Adam P [11]
* Lee Rowlands [12] of the Drupal Security Team

.... Cross Site Scripting:

* Jacob Rockowitz [13]

Coordinated By:

* Chris [14] of the Drupal Security Team
* Greg Knaddison [15] of the Drupal Security Team
* Damien McKenna [16] of the Drupal Security Team

[1] https://www.drupal.org/project/webform
[2] https://www.drupal.org/security-team/risk-levels
[3] https://www.drupal.org/project/webform/releases/6.1.2
[4] https://www.drupal.org/project/webform/releases/6.0.6
[5] https://www.drupal.org/user/3580554
[6] https://www.drupal.org/user/2523544
[7] https://www.drupal.org/user/3132219
[8] https://www.drupal.org/user/1850070
[9] https://www.drupal.org/user/36762
[10] https://www.drupal.org/user/371407
[11] https://www.drupal.org/user/3580554
[12] https://www.drupal.org/user/395439
[13] https://www.drupal.org/user/371407
[14] https://www.drupal.org/user/1850070
[15] https://www.drupal.org/user/36762
[16] https://www.drupal.org/user/108450
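A version check covering the Solution sections of both advisories above (SA-CONTRIB-2021-046 for Search API Pages and SA-CONTRIB-2021-045 for Webform), added here as an example; it is not code from the advisories, the CSIRT mailing, or the Drupal projects. It takes an inventory of installed contrib modules as a mapping of project machine name to installed version string (the sample inventory is constructed, and the machine name search_api_page for Search API Pages is assumed; webform follows the project URL given above) and reports, against the fixed releases the advisories name (Search API Pages 7.x-1.6; Webform 6.1.2 and 6.0.6, with 8.x-5.x affected and unsupported), whether each installed version is fixed, affected, unsupported, a dev snapshot, or not covered. It handles both Drupal version schemes ("7.x-1.6" and "6.1.2") and pre-release suffixes, which is more general than the handful of versions the advisories mention.

```python
"""Version check for SA-CONTRIB-2021-045 (Webform) and SA-CONTRIB-2021-046
(Search API Pages). Added example, not code from the advisories or the
Drupal projects. The inventory format (project machine name -> installed
version string) is assumed; on a real site build it from `drush pm:list`
or composer.lock output."""
import re

# Fixed releases as named in the two advisories' Solution sections, keyed by
# the release branch an installed version belongs to.
ADVISORIES = {
    "search_api_page": {                     # assumed machine name of Search API Pages
        "id": "SA-CONTRIB-2021-046",
        "fixed": {"7.x-1.x": "7.x-1.6"},
        "unsupported": (),
    },
    "webform": {
        "id": "SA-CONTRIB-2021-045",
        "fixed": {"6.1.x": "6.1.2", "6.0.x": "6.0.6"},
        "unsupported": ("8.x-5.x",),         # affected, no fix: upgrade to Webform 6
    },
}

# Matches both Drupal version schemes: legacy "7.x-1.6" / "8.x-5.23" and
# semantic "6.1.2", each with an optional "-dev" / "-rc1" / "-beta2" suffix.
VERSION_RE = re.compile(
    r"^(?:(\d+)\.x-)?(\d+)\.(\d+|x)(?:\.(\d+|x))?(?:-([a-z]+\d*))?$"
)


def parse_version(version):
    """Return (branch, key). key orders releases within a branch and is None
    for a '-dev' snapshot, which has no tagged release number to compare."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Drupal version string: {version!r}")
    core, major, minor, patch, suffix = m.groups()
    if core:                                  # legacy scheme: "7.x-1.6" -> "7.x-1.x"
        branch = f"{core}.x-{major}.x"
    else:                                     # semantic scheme: "6.1.2" -> "6.1.x"
        branch = f"{major}.{minor}.x"
    if minor == "x" or patch == "x":
        return branch, None                   # development snapshot of the branch
    numbers = (int(major), int(minor), int(patch or 0))
    # A pre-release (rc, beta, alpha) of X.Y.Z sorts below the final X.Y.Z.
    return branch, (numbers, 0 if suffix else 1)


def assess(project, version):
    """Classify one installed module against the advisories."""
    advisory = ADVISORIES.get(project)
    if advisory is None:
        return "not covered"                  # neither advisory concerns this project
    try:
        branch, key = parse_version(version)
    except ValueError:
        return "unparseable"
    if branch in advisory["unsupported"]:
        return "unsupported"                  # affected and will not receive a fix
    fixed = advisory["fixed"].get(branch)
    if fixed is None:
        return "branch not listed"            # advisory names no release for this branch
    if key is None:
        return "dev snapshot"                 # cannot compare; treat as affected until rebuilt
    _, fixed_key = parse_version(fixed)
    return "fixed" if key >= fixed_key else "affected"


def scan(inventory):
    """Run assess() over an inventory dict and return {project: status}."""
    return {project: assess(project, version) for project, version in inventory.items()}


# Constructed sample inventory; not taken from any real site.
SAMPLE_INVENTORY = {
    "search_api_page": "7.x-1.5",   # one release behind the fix
    "webform": "6.1.1",             # one release behind the fix
    "token": "8.x-1.9",             # unrelated module, not covered by these advisories
}

if __name__ == "__main__":
    for project, status in scan(SAMPLE_INVENTORY).items():
        advisory_id = ADVISORIES.get(project, {}).get("id", "-")
        print(f"{project:18} {SAMPLE_INVENTORY[project]:10} {status:18} {advisory_id}")
```

The comparison is done per release branch rather than as one global order, because the advisories name a separate fixed release for each branch (6.1.2 and 6.0.6 are both fixes, and 6.0.6 is not "older" than 6.1.1 for this purpose); a branch the advisory does not mention is reported as such rather than guessed at.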