Skip to content

Commit c03c443

Browse files
feat: update advisories (#207)
🤖 beep boop - looks like there's some changes to the advisories! - https://www.drupal.org/SA-CONTRIB-2026-033 Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
1 parent b4b1705 commit c03c443

1 file changed

Lines changed: 52 additions & 0 deletions

File tree

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
{
2+
"schema_version": "1.7.0",
3+
"id": "DRUPAL-CONTRIB-2026-033",
4+
"modified": "2026-04-22T17:47:43.000Z",
5+
"published": "2026-04-22T17:47:43.000Z",
6+
"aliases": [
7+
"CVE-2026-6871"
8+
],
9+
"details": "This module enables you to obfuscate email addresses in content.\n\nThe module doesn't sufficiently sanitize user input via the Twig filter.\n\nThis vulnerability is mitigated by the fact that it only affects sites using the ROT13 encoding and where an attacker can enter content that is filtered using the module's Twig filter.",
10+
"affected": [
11+
{
12+
"package": {
13+
"ecosystem": "Packagist:https://packages.drupal.org/8",
14+
"name": "drupal/obfuscate"
15+
},
16+
"severity": [],
17+
"ranges": [
18+
{
19+
"type": "ECOSYSTEM",
20+
"events": [
21+
{
22+
"introduced": "0"
23+
},
24+
{
25+
"fixed": "2.0.2"
26+
}
27+
],
28+
"database_specific": {
29+
"constraint": "<2.0.2"
30+
}
31+
}
32+
],
33+
"database_specific": {
34+
"affected_versions": "<2.0.2"
35+
}
36+
}
37+
],
38+
"references": [
39+
{
40+
"type": "WEB",
41+
"url": "https://www.drupal.org/sa-contrib-2026-033"
42+
}
43+
],
44+
"credits": [
45+
{
46+
"name": "Pierre Rudloff (prudloff)",
47+
"contact": [
48+
"https://www.drupal.org/u/prudloff"
49+
]
50+
}
51+
]
52+
}

0 commit comments

Comments
 (0)