Imagecache External - Critical - Insecure session token management - SA-CONTRIB-2019-065

Project: Imagecache ExternalDate: 2019-August-21Security risk: Critical 15∕25 AC:Complex/A:None/CI:Some/II:Some/E:Theoretical/TD:AllVulnerability: Insecure session token managementDescription: This module that allows you to store external images on your server and apply your own Image Styles.
The module exposes cookies to external sites when making external image requests.
This vulnerability is mitigated by using the whitelisted host feature to restrict external image requests from trusted sources.Solution: Install the latest version:

Also see the Imagecache External project page.Reported By: 

Fixed By: 

Coordinated By: 

Path to article