"Ricochet has proven to be a partner that we can depend on to create and maintain a successful drupal-based CMS system. Their deep experience in drupal has allowed them to identify existing plugins and to quickly implement custom logic when required to efficiently implement our international content management workflow and site. Ricochet has shown their commitment to our success again and again, working collaboratively across our team to make it happen, and putting in the extra effort when needed to meet our business goals."
—David Saffren, Blurb.com

Monster Menus - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-052

Wed, 2024-10-23 08:45 — Anonymous (not verified)

Project: Monster MenusDate: 2024-October-23Security risk: Critical 19 ∕ 25 AC:Complex/A:None/CI:All/II:All/E:Theoretical/TD:AllVulnerability: Arbitrary PHP code executionAffected versions: <9.3.4 || >=9.4.0 <9.4.2Description: This module enables you to group nodes within pages that have a highly-granular, distributed permissions structure.
In certain cases the module doesn't sufficiently sanitize data before passing it to PHP's unserialize() function, which can result in arbitrary code execution.Solution: Install the latest version:

If you use Monster Menus branch 9.4.x, upgrade to monster_menus 9.4.2
If you use Monster Menus branch 9.3.x, upgrade to monster_menus 9.3.4

Reported By:

Drew Webber of the Drupal Security Team

Fixed By:

Drew Webber of the Drupal Security Team
Dan Wilga

Coordinated By:

Greg Knaddison of the Drupal Security Team
Juraj Nemec of the Drupal Security Team
Drew Webber of the Drupal Security Team

Path to article https://www.drupal.org/sa-contrib-2024-052

Search form

Monster Menus - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-052