Browse all 9 CVE security advisories affecting Drupal.org. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Drupal.org serves as the primary content management system for building and managing websites, particularly for organizations requiring robust, scalable solutions. Historically, it has faced vulnerabilities across multiple classes, including remote code execution, cross-site scripting, and privilege escalation, often stemming from input validation flaws and module security issues. While no single major incident stands out, the platform's security posture has been shaped by regular updates and a dedicated security team. With 9 current CVEs, ongoing vigilance remains essential, as the complexity of its ecosystem and third-party modules continue to present potential attack surfaces for malicious actors.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2017-6920 | Drupal 安全漏洞 — Drupal Core | 9.8 | - | 2018-08-06 |
| CVE-2017-6926 | Drupal 安全漏洞 — Drupal Core | 8.1 | - | 2018-03-01 |
| CVE-2017-6927 | Drupal 跨站脚本漏洞 — Drupal Core | 6.1 | - | 2018-03-01 |
| CVE-2017-6928 | Drupal core 安全漏洞 — Drupal Core | 5.3 | - | 2018-03-01 |
| CVE-2017-6929 | Drupal jQuery 跨站脚本漏洞 — Drupal Core | 6.1 | - | 2018-03-01 |
| CVE-2017-6930 | Drupal 安全漏洞 — Drupal Core | 8.1 | - | 2018-03-01 |
| CVE-2017-6931 | Drupal Settings Tray模块安全漏洞 — Drupal Core | 6.5 | - | 2018-03-01 |
| CVE-2017-6932 | Drupal core 安全漏洞 — Drupal Core | 4.7 | - | 2018-03-01 |
This page lists every published CVE security advisory associated with Drupal.org. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.