Security News > 2017 > August > Drupal Patches Critical Access Bypass in Core Engine (Threatpost)

Drupal Patches Critical Access Bypass in Core Engine (Threatpost)

2017-08-17 19:50

A critical flaw in Drupal CMS platform could allow unwanted access to the platform allowing a third-party to view, create, update or delete entities.

News URL

http://threatpost.com/drupal-patches-critical-access-bypass-in-core-engine/127515/

#bypass #critical #drupal #threatpost

Related news

Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Drupal		15	0	66	45	14	125

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.