The Drupal development team addressed many vulnerabilities in both Drupal 8 and 7, including some flaws rated as “critical”. Drupal maintainers have fixed many vulnerabilities in Drupal 7 and 8, including some flaws rated as “critical.â One of the critical security vulnerabilities is related to partial cross-site scripting (XSS) prevention mechanisms that was addressed with Drupal 8.4.5 and 7.57 […]
Drupal maintainers this week released security updates to fix several access bypass vulnerabilities in Drupal 8. Update your installation. On Wednesday Drupal maintainers released security updates to fix several access bypass vulnerabilities in Drupal 8. The flaws affect several components, including the entity access system, the REST API and some views. The most severe vulnerability patched by Drupal 8.3.7 is a critical issue, tracked as CVE-2017-6925 that affects […]