Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Drupal 9: Unauthenticated File Upload in certain modules
MINI-mmvp-5q25-w695
Summary
Some Drupal 9 websites can allow attackers to upload files without being authenticated. This means a hacker could potentially upload malicious files to your website. To protect your site, update to the latest version of affected modules and ensure you have a secure file upload process in place.
What to do
- Update kiali to version 2.23.0-r0.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | kiali | <= 2.23.0-r0 | 2.23.0-r0 |
Original title
MINI-mmvp-5q25-w695
Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026