Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 683820 (CVE-2019-11358) - <www-apps/drupal-{7.66,8.5.15,8.6.15}: Cross site scripting vulnerability (CVE-2019-11358)
Summary: <www-apps/drupal-{7.66,8.5.15,8.6.15}: Cross site scripting vulnerability (CV...
Alias: CVE-2019-11358
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: B3 [noglsa]
Depends on:
Reported: 2019-04-19 06:49 UTC by Tupone Alfredo
Modified: 2020-04-17 03:21 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Tupone Alfredo gentoo-dev 2019-04-19 06:49:46 UTC
Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2019-006

Reproducible: Always
Comment 1 Larry the Git Cow gentoo-dev 2019-04-22 02:12:45 UTC
The bug has been referenced in the following commit(s):

commit d34e0d9b24de1160f4dc263e8982cf37a4bf2c7a
Author:     Jorge Manuel B. S. Vicetto (jmbsvicetto) <>
AuthorDate: 2019-04-22 02:12:04 +0000
Commit:     Jorge Manuel B. S. Vicetto (jmbsvicetto) <>
CommitDate: 2019-04-22 02:12:27 +0000

    www-apps/drupal:  Security bump - SA-CORE-2019-006.
    Package-Manager: Portage-2.3.63, Repoman-2.3.12
    Signed-off-by: Jorge Manuel B. S. Vicetto (jmbsvicetto) <>

 www-apps/drupal/Manifest             |  1 +
 www-apps/drupal/drupal-8.5.15.ebuild | 84 ++++++++++++++++++++++++++++++++++++
 2 files changed, 85 insertions(+)
Comment 2 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2019-04-22 02:33:20 UTC
tree is clean