Threat Post

All Drupal Versions Susceptible to Code Execution, Credential Theft Vulnerabilities

A number of issues exist in the content management system Drupal that could lead to code execution and the theft of database credentials via a man-in-the-middle attack, a researcher warns. A number of ...
PC World

Drupal to secure its update process with HTTPS

Developers of the popular Drupal content management system are working to secure the software’s update mechanism after a researcher recently found weaknesses in it. Last week, researcher Fernando ...
Threat Post

Several Critical Flaws Patched in Drupal Module

There are several critical vulnerabilities in a middleware layer used in Drupal, including both cross-site scripting and cross-site request forgery bugs, that can be exploited remotely. The ...