8/12/2023 0 Comments Drupal core update vulnerability![]() The Drupal developers noted that only Apache web servers are affected and only with specific configurations. The issue affects Drupal core and can lead to the execution of arbitrary PHP code on Apache web servers when uploading specially crafted files. ![]() The magazine's Drupal specialists went on to say “The 'critical' vulnerability, tracked as CVE-2022-25277, affects Drupal 9.3 and 9.4. Drupal uses the NIST Common Abuse Scoring System to rate vulnerabilities, rather than CVSS, and flaws are graded "less critical," "moderately critical," "critical," and "highly critical."ĭrupal development companies are fully aware of these kinds of updates and how they improve the platforms they build. One of them has been qualified as "critical" and the other three as "moderately critical". In Security Week magazine they detailed “Drupal has published four notices that describe four types of vulnerabilities. In the most recent update of this versatile technology, some security patches were alerted that presented flaws, in addition to improving the writing of code, a key aspect for all Drupal developers. With a flexible and modular system, Drupal CMS has managed to impress developers when they have to design a web page that is easy to use for the common user.ĭrupal CMS and its new update in security and code writingīeing Drupal one of the most widely used CMS worldwide, it must have a reliable security protocol, with which its users can rest assured that their information and data will not be compromised. It is used to create many of the webs and applications of daily use”. As per the definition given on its official website, “Drupal is content management software. Drupal is one of the most versatile CMS of today and with which many of the web pages that we visit daily are built.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |