Daffodil International University
Faculty of Science and Information Technology => Recent Technologies and Trends in Software Engineering => Software Engineering => Cyber and Software Security => Topic started by: maruf.swe on March 30, 2019, 02:00:25 AM
-
(https://media.threatpost.com/wp-content/uploads/sites/103/2018/03/22132259/Drupal_Logo.png)
Drupal developers are urged to patch a bug that allows attackers to take over a site simply by visiting it.
Drupal released a patch for a “highly critical” flaw in versions 6, 7 and 8 of its CMS platform that could allow an attacker to take control of an affected site simply by visiting it. Drupal also warned an unprivileged and untrusted attacker could modify or delete data hosted on affected CMS platforms.
The Drupal developers alert (SA-CORE-2018-002) estimates over one million sites running Drupal are impacted. Affected are Drupal CMS versions before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1. Also impacted is Drupal 6 and 8.3.x and 8.4.x releases, said Drupal.
For More Details : https://threatpost.com/drupal-issues-highly-critical-patch-over-1m-sites-vulnerable/130859/ (https://threatpost.com/drupal-issues-highly-critical-patch-over-1m-sites-vulnerable/130859/)