The Latest in IT Security

Critical Vulnerabilities Fixed in Drupal 7.29 and 6.32

17
Jul
2014

The security team from Drupal announced on Wednesday that versions of the framework earlier than 7.29 and 6.32 are exposed to risks that would allow an attacker to conduct denial-of-service (DoS) and cross-site scripting attacks and gain access to private files.According to Drupal Security Team, the DoS attack can be deployed by using a malicious HTTP Host header. This is achievable because the validation of the HTTP Host header is not properly conducted, and malcrafted header values could lea…

Comments are closed.

Categories

FRIDAY, SEPTEMBER 22, 2017

Featured

Archives

Latest Comments

Social Networks