Drupal core installation can serve as a simple Web site, a single- or multi-user blog, an Internet forum, or a community Web site providing for user-generated content. The risk calculator shown that it is highly critical according NIST Common Misuse Scoring System (NISTIR 7864). Two critical factors told us the following:
- All data can be modified or deleted
- All non-public data is accessible
It is indeed nightmare! Drupal user must do the patching immediately. Otherwise there is a new round of data leakage incident will be happened soon!
Official announcement: Drupal core – Highly critical – Remote Code Execution
2 thoughts on “Drupal core – Highly critical – Remote Code Execution (Mar 2018)”
It is in point of fact a great and helpful piece of info. I am happy that you simply shared this helpful information with us. Please stay us up to date like this. Thank you for sharing.
I do like the way you have presented this particular matter plus it does indeed provide me personally a lot of fodder for consideration. However, from just what I have witnessed, I only wish as the actual feed-back pack on that people stay on issue and not get started on a tirade regarding the news du jour. Still, thank you for this excellent piece and whilst I can not really go along with it in totality, I value your standpoint.
Comments are closed.