Bugs in Drupal's update process could lead to backdoored updates, site compromise (Help Net Security)

2016-01-07 11:06

Drupal's update process is deeply flawed, says IOActive researcher Fernando Arnaboldi. He recently discovered three separate flaws in it, the worst of which could be exploited by attackers to swap ...

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/Tqjgj6St30g/secworld.php

#compromise #drupal #security

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.