Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Drupal fixes highly critical SQL injection flaw

Drupal fixes highly critical SQL injection flaw

2014/10/15

Threatpost - (International) Drupal issued a patch for its popular content management system (CMS) that closes a critical SQL injection vulnerability affecting version 7.x. The vulnerability could allow an unauthenticated user to perform arbitrary SQL execution and all users were advised to update their installations as soon as possible.

Source: http://threatpost.com/drupal-fixes-highly-critical-sql-injection-flaw/108861

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:22:06