3
Drupal Multiple Vulnerabilities
source link: https://www.hkcert.org/security-bulletin/drupal-multiple-vulnerabilities_20220422
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Drupal Multiple Vulnerabilities
Release Date: 22 Apr 2022
188 Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in Drupal. A remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass and data manipulation condition on the targeted system.
Impact
- Security Restriction Bypass
- Data Manipulation
System / Technologies affected
- Drupal version prior to 9.3.12
- Drupal version prior to 9.2.18
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- for Drupal 9.3, update to Drupal 9.3.12
- for Drupal 9.2, update to Drupal 9.2.18
All versions of Drupal 9 prior to 9.2.x are end-of-life and do not receive security coverage.
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK