Several vulnerabilities have been patched in the Drupal content management system (CMS) with the release of version 8.2.7, including access bypass, cross-site request forgery (CSRF) and remote code execution flaws.

The most serious of them, rated critical and tracked as CVE-2017-6377, is an access bypass weakness affecting the editor module.

read more

Recommended Posts

‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains
Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure
In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station Hacking