-
CVSS Score
-Basic Information
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AI| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| drupal/drupal | composer | >= 8.0.0, < 8.7.11 | 8.7.11 |
| drupal/drupal | composer | >= 8.8.0, < 8.8.1 | 8.8.1 |
Miggo AIRoot Cause AnalysisThe vulnerability occurs when accessing install.php on an installed system. The core mechanism would be in the installation entry point (install.php) which in vulnerable versions didn't properly validate() installation status before performing cache-related operations. The install_drupal() function (or equivalent procedural code in install.php) would be responsible for cache initialization steps that corrupt existing data when improperly executed. This matches the described attack vector and impact pattern without requiring specific patch details.