Breaking News

PROGRADE DIGITAL ANNOUNCES NEW 16TB USB 4.0 PRO SSD be quiet! launches Pure Loop 3 LX and Pure Loop 3 AIO xMEMS Unveils AI Glasses Prototypes Featuring MEMS Technologies that Enhance Smart Wearable Performance and Comfort MSI Expands NVIDIA RTX PRO Server Lineup CORSAIR Launches the XENEON EDGE 14.5″ LCD Touchscreen

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Websites Threatened by Critical Bug in Drupal

Websites Threatened by Critical Bug in Drupal

Enterprise & IT Feb 22,2019 0

Websites that run the Drupal content management system run the risk of being hijacked until they're patched against a vulnerability that allows hackers to remotely execute malicious code, the open source project warned Wednesday.

CVE-2019-6340, as the flaw is tracked, stems from a failure to sufficiently validate user input, Drupal said in an advisory. Hackers who exploited the vulnerability could, in some cases, run code of their choice on vulnerable websites.

A website is only affected by this if one of the following conditions is met:

  • The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or
  • the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7.

(Note: The Drupal 7 Services module itself does not require an update at this time, but you should still apply other contributed updates associated with this advisory if Services is in use.)

Drupal is urging administrators of vulnerable websites to update at once.

Solution:

  • If you are using Drupal 8.6.x, upgrade to Drupal 8.6.10.
  • If you are using Drupal 8.5.x or earlier, upgrade to Drupal 8.5.11.
  • Be sure to install any available security updates for contributed projects after updating Drupal core.
  • No core update is required for Drupal 7, but several Drupal 7 contributed modules do require updates.

Versions of Drupal 8 prior to 8.5.x are end-of-life and do not receive security coverage.

Drupal is the third most-widely used CMS behind WordPress and Joomla.

Tags: DrupalSecurity
Previous Post
Huawei Ready to Showcase 5G and Foldable Phones at MWC 2019
Next Post
SpaceX Launches Three New Spacecrafts

Related Posts

  • HP Threat Research Shows Attackers Exploiting Zero‐Day Vulnerability Before Enterprises Can Patch

  • Samsung Develops New Security Chip For Mobile Devices

  • Samsung Says Your Galaxy S20’s Secure Processor Protects it Against Hardware Attacks

  • SK Telecom and Samsung Unveil the First QRNG-Powered 5G Smartphone

  • AMD Downplays Reported Side Channel Vulnerabilities in Zen Chips

  • RSA 2020: Intel Announces Compute Lifecycle Assurance Momentum, Previews New Security Capabilities

  • Samsung Introduces Data Security Chip Solution for Mobile Devices

  • Google Adds New Security Measures for Nest Accounts

Latest News

PROGRADE DIGITAL ANNOUNCES NEW 16TB USB 4.0 PRO SSD
Consumer Electronics

PROGRADE DIGITAL ANNOUNCES NEW 16TB USB 4.0 PRO SSD

be quiet! launches Pure Loop 3 LX and Pure Loop 3 AIO
Cooling Systems

be quiet! launches Pure Loop 3 LX and Pure Loop 3 AIO

xMEMS Unveils AI Glasses Prototypes Featuring MEMS Technologies that Enhance Smart Wearable Performance and Comfort
Consumer Electronics

xMEMS Unveils AI Glasses Prototypes Featuring MEMS Technologies that Enhance Smart Wearable Performance and Comfort

MSI Expands NVIDIA RTX PRO Server Lineup
Enterprise & IT

MSI Expands NVIDIA RTX PRO Server Lineup

CORSAIR Launches the XENEON EDGE 14.5″ LCD Touchscreen
Consumer Electronics

CORSAIR Launches the XENEON EDGE 14.5″ LCD Touchscreen

Popular Reviews

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

be quiet! Light Loop 360mm

be quiet! Light Loop 360mm

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Noctua NH-D15 G2

Noctua NH-D15 G2

Terramaster F8-SSD

Terramaster F8-SSD

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

Soundpeats Pop Clip

Soundpeats Pop Clip

be quiet! Pure Base 501

be quiet! Pure Base 501

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed