Friday, August 3, 2018

Symfony Flaw Leaves Drupal Sites Vulnerable

Popular content management software Drupal has released an updated version which patches a security bypass vulnerability allowing an attacker to gain control of a site by way of the Symfony HttpFoundation component (CVE-2018-14773). This affects Drupal versions before 8.5.6. Similar flaws were also discovered in the Zend Feed and Diactoros libraries included in the Drupal Core referred to as the 'URL Rewrite Vulnerability' which should be be updated directly.

Be sure to have your website administer update your Drupal website!

Read more here.

3C Technology Solutions Contact

Let's Chat!

We would love to learn about your project.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form