DRUPAL-CONTRIB-2018-018

See a problem?
Import Source
https://github.com/DrupalSecurityTeam/drupal-advisory-database/blob/main/advisories/menu_export/DRUPAL-CONTRIB-2018-018.json
JSON Data
https://api.osv.dev/v1/vulns/DRUPAL-CONTRIB-2018-018
Published
2018-04-18T15:45:18Z
Modified
2025-12-10T23:29:43.234168Z
Summary
[none]
Details

This module helps in exporting and importing Menu Items via the administrative interface.

The module does not properly restrict access to administrative pages, allowing anonymous users to export and import menu links.

There is no mitigation for this vulnerability.

References
Credits

Affected packages

Packagist:https://packages.drupal.org/8 / drupal/menu_export

Package

Name
drupal/menu_export
Purl
pkg:composer/drupal/menu_export

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.0
Database specific 
{
    "constraint": "<1.2.0"
}

Database specific

affected_versions 
"<1.2.0"
source 
"https://github.com/DrupalSecurityTeam/drupal-advisory-database/blob/main/advisories/menu_export/DRUPAL-CONTRIB-2018-018.json"