Threat Post

Drupal Patches Critical Access Bypass in Core Engine

A critical flaw in Drupal CMS platform could allow unwanted access to the platform allowing a third-party to view, create, update or delete entities. Website management platform Drupal released ...
ZDNet

Drupal critical flaw: Patch this remote code execution bug urgently, websites warned

The bug was considered serious enough for Drupal's security team to warn admins a day in advance of Wednesday's patch release to reserve time to address the bug. Drupal is the third most popular CMS ...
Ars Technica

Many websites threatened by highly critical code-execution bug in Drupal

Sites that run the Drupal content management system run the risk of being hijacked until they're patched against a vulnerability that allows hackers to remotely execute malicious code, managers of the ...