High severity8.8NVD Advisory· Published Jan 1, 2021· Updated Jun 17, 2026
CVE-2018-25002
CVE-2018-25002
Description
uploader.php in the KCFinder integration project through 2018-06-01 for Drupal mishandles validation, aka SA-CONTRIB-2018-024. NOTE: This project is not covered by Drupal's security advisory policy.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Drupal/KCFinder integration projectdescription
Patches
Vulnerability mechanics
References
3- www.drupal.org/project/kcfinder/issues/1768718nvdThird Party Advisory
- www.drupal.org/project/kcfinder/issues/1768720nvdThird Party Advisory
- www.drupal.org/sa-contrib-2018-024nvdThird Party Advisory
News mentions
0No linked articles in our index yet.