DRUPAL PATCHES CRITICAL BUG THAT LEAVES PLATFORM OPEN TO XSS ATTACK

Share this…

Drupal developers patched two critical vulnerabilities this week in versions 7 and 8 of its content management system platform. Overall, Drupal patched seven vulnerabilities including four rated moderately critical and two flaws rated less critical.

The first of the critical flaws is a comment reply form bug in Drupal version 8. This vulnerability gives unauthorized users access to restricted content, allowing them to view and add comments and content in certain restricted areas in the CMS, according to the advisory published Wednesday.