Security News > 2017 > August > Drupal Patches Critical Access Bypass in Core Engine (Threatpost)

Drupal Patches Critical Access Bypass in Core Engine (Threatpost)

2017-08-17 19:50

A critical flaw in Drupal CMS platform could allow unwanted access to the platform allowing a third-party to view, create, update or delete entities.

News URL

http://threatpost.com/drupal-patches-critical-access-bypass-in-core-engine/127515/

#bypass #critical #drupal #threatpost

Related news

GitLab releases fix for critical SAML authentication bypass flaw (source)
GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions (source)
Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488) (source)
MFA bypass becomes a critical security issue as ransomware tactics advance (source)
Critical Ivanti vTM auth bypass bug now exploited in attacks (source)
Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Drupal		135	209	504	90	16	819

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.