Drupal Developers are forced to release a second patch for Drupalgeddon2

Drupal Developers are forced to release a second patch for Drupalgeddon2

Yesterday, the developers of Drupal announced that versions 7.x, 8.4.x and 8.5.x this week will receive new security updates, since the critical vulnerability in CMS, known as Drupalgeddon2, could not be completely fixed by the first patches.

Release of updates scheduled ...

In Drupal patched not too dangerous XSS Vulnerability

In Drupal closed XSS Vulnerability
Last Wednesday, the Drupal team released updates with a patch for the XSS vulnerability in the CKEditor module of the CMS core.

This gap, estimated as moderately dangerous, is relevant only for Drupal 8; users are ...

New Critical Vulnerabilities in Drupal

A critical vulnerability has been fixed in Drupal

A week ago on March 28, Drupal Security Team announced patches that close the critical bug in security, relevant for all versions of Drupal 6.x, 7.x and 8.x. The vulnerability allows an attacker ...

Drupal eliminates the vulnerabilities exploited by spammers

Drupal eliminates the vulnerabilities
The developers of Drupal introduced versions 7.56 and 8.3.4, in which several vulnerabilities were eliminated, including bugs used by spammers.

One of the main corrected problems was the vulnerability of CVE-2017-6922. The bug was that the files ...