Blog
FAQ
Discussions
Search
Projects, issues, users, and merge requests.
Project ID, name, and description.
User nickname, name, and org.
Issue ID, title, and summary.
Merge request titles.
Contrib
.social
Feed
Live feed
Builds
Live builds
Core
Tags
Tags and Initiatives
#DC
Portland 2024
6-9 May
#
DrupalCon Portland
2024
πΊπΈ
#D8 Security Bounty
Open on Drupal.org β
β‘οΈ Live updates
comments, jobs, and issues, tagged with
#D8 Security Bounty
will update issues and activities on this page.
Issues
π
Changing password should invalidate all other sessions
Fixed
Drupal core
10.0 β
user system
Created
about 9 years ago
πΊπΈ
United States
pwolanin
4 months ago
π
Add validation constraint to `type: label`: disallow HTML markup
Needs work
Drupal core
11.0 β
configuration system
Created
almost 9 years ago
πΊπΈ
United States
pwolanin
7 months ago
π
Config translation needs to be validated on input for XSS (like other t string input)
Needs work
Drupal core
10.1 β
config_translation.module
Created
about 9 years ago
πΊπΈ
United States
pwolanin
about 1 year ago
π
File inclusion weakness in stream wrappers, and StreamWrapperInterface composite constants are not clearly documented or tested for correctness
Needs work
Drupal core
9.5 β
file system
Created
almost 9 years ago
πΊπΈ
United States
pwolanin
over 1 year ago
Activities
No activities found.
contrib
.social
Blog
FAQ
Discussions
Production build 0.69.0
2024