Home » CMS » Drupal (page 5)

Drupal

Drupal Core – Critical – Access Bypass – SA-CORE-2017-002

Advisory ID: DRUPAL-SA-CORE-2017-002 Project: Drupal core Version: 8.x Date: 2017-April-19 CVEID: CVE-2017-6919 Security risk: 17/25 ( Critical) AC:Basic/A:User/CI:All/II:All/E:Theoretical/TD:Default Vulnerability: Access bypass Description This is a critical access bypass vulnerability. A site is only affected by this if all of the following conditions are met: The site has the RESTful Web Services (rest) module enabled. The site allows PATCH requests. An ...

Read More »

Powered by WP Robot