Views - Moderately critical - Information Disclosure - SA-CONTRIB-2019-034

Project: ViewsVersion: 7.x-3.x-devDate: 2019-March-13Security risk: Moderately critical 10∕25 AC:Complex/A:None/CI:Some/II:None/E:Theoretical/TD:UncommonVulnerability: Information DisclosureDescription: This module enables you to create customized lists of data.
The module doesn't sufficiently protect against argument definitions failing.
This vulnerability is mitigated by the fact that a view must have custom PHP code used as a field validator.Solution: Install the latest version:

  • If you use the Views module for Drupal 7.x, upgrade to Views 7.x-3.21

Also see the Views project page.Reported By: 

Fixed By: 

Coordinated By: 

Additional information
Note: Drupal issues individual security advisories for separate vulnerabilities included in a release, rather than lumping "multiple vulnerabilities" into a single advisory. All advisories released today for Views:

Path to article