6 January 2016 - 20:34,
by ,
in
News,
No comments
A number of issues exist in the content management system Drupal that could lead to code execution and the theft of database credentials via a man-in-the-middle attack, a researcher warns. The vulnerabilities lie in the way Drupal processes updates, according to Fernando Arnaboldi, senior security consultant with IOActive. Arnaboldi wrote a blog entry describing three...