Description

The transliterate mechanism in Drupal 8.x before 8.2.3 allows remote attackers to cause a denial of service via a crafted URL.

Remediation

References

CVE-2016-9452

Related Vulnerabilities

MySQL CVE-2014-2419 Vulnerability (CVE-2014-2419)

Magento Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-7872)

WordPress Plugin Google Authenticator-Per User Prompt Timing Attack (0.6)

Play Framework Improper Restriction of XML External Entity Reference Vulnerability (CVE-2014-3630)

WordPress Plugin ContentStudio Multiple Vulnerabilities (1.2.5)

Severity

Medium

Classification

CVE-2016-9452 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities