Web Hosting Forum - A Web Hosting community for Webmasters


Divi WordPress Theme

Author Topic: Drupal Patches Flaw That Allowed Hackers to Forge Password Reset URLs  (Read 807 times)

0 Members and 1 Guest are viewing this topic.

Offline Kailash

  • Administrator
  • Web Hosting Master
  • *****
  • Posts: 601
  • iTrader: +153/-0
    • View Profile
Drupal has released an update to address two critical vulnerabilities present in all version prior to 6.35 and 7.35. The vulnerabilities were as follow:

- Access bypass (Password reset URLs – Drupal 6 and 7)
- Open redirect (Several vectors including the “destination” URL parameter – Drupal 6 and 7)

For complete description of this vulnerabilities, kindly refer Drupal security advisories.

If you are using Drupal, it is highly recommended that you upgrade to version 6.35 (if you are using 6.x version) or 7.35 (if you are using Drupal 7.x version).

- Kailash

Divi WordPress Theme
Tags:
 

Related Topics

  Subject / Started by Replies Last post
0 Replies
4162 Views
Last post September 09, 2007, 10:47:07 AM
by Tech
0 Replies
5684 Views
Last post September 13, 2008, 09:51:19 AM
by Kailash
1 Replies
45093 Views
Last post September 04, 2009, 12:16:06 AM
by Kailash
0 Replies
467 Views
Last post November 19, 2014, 10:52:33 AM
by wRick
1 Replies
470 Views
Last post October 04, 2016, 09:32:34 PM
by Kailash