Skip to main content

Drupal Multiple vulnerabilities

Last Update Date: 22 Jul 2014 Release Date: 18 Jul 2014 3818 Views

RISK: Medium Risk

TYPE: Servers - Web Servers

TYPE: Web Servers

Multiple vulnerabilities were identified in Drupal, which could be exploited by malicious users to cause denial of service, conduct cross site scripting and gain access to private files.


Impact

  • Cross-Site Scripting
  • Denial of Service
  • Security Restriction Bypass

System / Technologies affected

  • Drupal core 6.x versions prior to 6.32.
  • Drupal core 7.x versions prior to 7.29.

 


Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Upgrade to version 6.32 for Drupal 6.x
  • Upgrade to version 7.29 for Drupal 7.x.

Vulnerability Identifier

  • No CVE information is available

Source


Related Link