| Thread Tools |
27th April 2018, 15:20 | #1 |
[M] Reviewer Join Date: May 2010 Location: Romania
Posts: 148,055
| Drupal hit by another wave of bugs Second time in a month Developers of popular open source CMS Drupal are warning admins to immediately patch a flaw that an attacker can exploit just by visiting a vulnerable site. The new bug affects all sites running on Drupal 8, Drupal 7, and Drupal 6. Drupal's project usage page indicates that about a million sites are running the affected versions. Admins are being urged to immediately update to Drupal 7.58 or Drupal 8.5.1. Drupal issued an alert for the patch last week warning admins to allocate time for patching because exploits might arrive "within hours or days" of its security release. Drupal warns that attackers can exploit the flaw through several avenues. Any visitor, regardless of privileges, can exploit the flaw by visiting an affected site and gain access to, modify and delete private data. "This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised", Drupal notes. The project says that only "drastic" configuration changes will mitigate the vulnerability and hence recommends installing the security release. The problem lies in the Drupal core and is caused by missing input validation. https://fudzilla.com/news/46150-drup...r-wave-of-bugs |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
MJX Bugs 8 / Bugs 6 Brushless FPV Racing Drone Review | Stefan Mileschin | WebNews | 0 | 12th July 2017 07:45 |
MJX Bugs 3 Drone Review @ ModSynergy.com | Stefan Mileschin | WebNews | 0 | 3rd January 2017 09:29 |
Bugs got into new Linux | Stefan Mileschin | WebNews | 0 | 8th October 2016 14:48 |
Millions of Xiaomi phones have bugs | Stefan Mileschin | WebNews | 0 | 15th July 2016 07:23 |
Drupal floored by poor update security | Stefan Mileschin | WebNews | 0 | 10th January 2016 12:03 |
Just Cause 3 is exploding with bugs and glitches | Stefan Mileschin | WebNews | 0 | 3rd December 2015 07:21 |
Drupal 7 dives into machine-readable web | Shogun | WebNews | 0 | 9th January 2011 07:41 |
Over 5,000 bugs in 2005 | jmke | WebNews | 0 | 3rd January 2006 00:32 |
Game Bugs Everywhere Movie | jmke | WebNews | 1 | 25th October 2005 20:03 |
Thread Tools | |
| |