Advisory ID: DRUPAL-SA-CORE-2012-002 Project: Drupal core Version: 7.x Date: 2012-May-2 Security risk: Critical Exploitable from: Remote Vulnerability: Denial of Service, Access bypass, Unvalidated form redirect Description Denial of Service CVE: CVE-2012-1588 Drupal core’s text filtering system provides several features including removing inappropriate HTML tags and automatically linking content that appears to be a link. A pattern in Drupal’s text matching was found to be inefficient with certain specially crafted strings. This vulnerability is mitigated by the fact that users must have the ability to post content sent to the filter system such as a role with the “post comments” or “Forum topic: Create new content” permission. Unvalidated form redirect CVE: CVE-2012-1589 Drupal core’s Form API allows users to set a destination, but failed to validate that the URL was internal to the site. This weakness could be abused to redirect the login to a remote site with a malicious script…

Read More →