Daffodil International University
Faculty of Science and Information Technology => Recent Technologies and Trends in Software Engineering => Software Engineering => Cyber and Software Security => Topic started by: maruf.swe on March 29, 2019, 01:25:28 AM
-
(https://media.threatpost.com/wp-content/uploads/sites/103/2019/02/21105256/Drupal-exploit.jpg)
Admins should update immediately to fix a remote code-execution vulnerability.
The Drupal open-source content management system platform has issued an advisory for a highly critical remote-code execution (RCE) flaw in the Drupal core.
The vulnerability (CVE-2019-6340) arises from the fact that “some field types do not properly sanitize data from non-form sources,” according to Drupal’s Wednesday advisory, which was published a day after it warned admins that a major security update was coming.
For More Details : https://threatpost.com/critical-drupal-rce-flaw/142091/ (https://threatpost.com/critical-drupal-rce-flaw/142091/)