VYPR
High severity8.8NVD Advisory· Published Jan 1, 2021· Updated Jun 17, 2026

CVE-2018-25002

CVE-2018-25002

Description

uploader.php in the KCFinder integration project through 2018-06-01 for Drupal mishandles validation, aka SA-CONTRIB-2018-024. NOTE: This project is not covered by Drupal's security advisory policy.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.