It appears you have not yet registered with our community. To register please click here...

 
Go Back [M] > Madshrimps > WebNews
Drupal hit by another wave of bugs Drupal hit by another wave of bugs
FAQ Members List Calendar Search Today's Posts Mark Forums Read


Drupal hit by another wave of bugs
Reply
 
Thread Tools
Old 27th April 2018, 15:20   #1
[M] Reviewer
 
Stefan Mileschin's Avatar
 
Join Date: May 2010
Location: Romania
Posts: 148,055
Stefan Mileschin Freshly Registered
Default Drupal hit by another wave of bugs

Second time in a month

Developers of popular open source CMS Drupal are warning admins to immediately patch a flaw that an attacker can exploit just by visiting a vulnerable site.

The new bug affects all sites running on Drupal 8, Drupal 7, and Drupal 6. Drupal's project usage page indicates that about a million sites are running the affected versions. Admins are being urged to immediately update to Drupal 7.58 or Drupal 8.5.1. Drupal issued an alert for the patch last week warning admins to allocate time for patching because exploits might arrive "within hours or days" of its security release.

Drupal warns that attackers can exploit the flaw through several avenues. Any visitor, regardless of privileges, can exploit the flaw by visiting an affected site and gain access to, modify and delete private data.

"This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised", Drupal notes.

The project says that only "drastic" configuration changes will mitigate the vulnerability and hence recommends installing the security release.

The problem lies in the Drupal core and is caused by missing input validation.

https://fudzilla.com/news/46150-drup...r-wave-of-bugs
Stefan Mileschin is offline   Reply With Quote
Reply


Similar Threads
Thread Thread Starter Forum Replies Last Post
MJX Bugs 8 / Bugs 6 Brushless FPV Racing Drone Review Stefan Mileschin WebNews 0 12th July 2017 07:45
MJX Bugs 3 Drone Review @ ModSynergy.com Stefan Mileschin WebNews 0 3rd January 2017 09:29
Bugs got into new Linux Stefan Mileschin WebNews 0 8th October 2016 14:48
Millions of Xiaomi phones have bugs Stefan Mileschin WebNews 0 15th July 2016 07:23
Drupal floored by poor update security Stefan Mileschin WebNews 0 10th January 2016 12:03
Just Cause 3 is exploding with bugs and glitches Stefan Mileschin WebNews 0 3rd December 2015 07:21
Drupal 7 dives into machine-readable web Shogun WebNews 0 9th January 2011 07:41
Over 5,000 bugs in 2005 jmke WebNews 0 3rd January 2006 00:32
Game Bugs Everywhere Movie jmke WebNews 1 25th October 2005 20:03

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


All times are GMT +1. The time now is 02:24.


Powered by vBulletin® - Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO