Drupal Security Issue SA-CONTRIB-2017-38

Description: The Drupal security team has discovered a critical vulnerability in a third-party module named References. Although this module is no longer maintained, it is currently used within over 120,000 installations.

Impact:  The Drupal security team did not disclose the technical details about the vulnerability in order to avoid the exploitation of the flaw in the wild.

Mitigation: As per drupal.org official page information, if you use the References module for Drupal you should uninstall it.

Reference URL’s:

• https://www.drupal.org/node/2869138
• http://securityaffairs.co/wordpress/58136/hacking/drupal-references-module-flaw.html

Recommended Posts

Press release April 2023: Situational Security Alerts from CIRT

21 Apr 2023 - Articles, English articles, News, Notice, Security Advisories & Alerts

Security Best Practices

29 Mar 2023 - Security Advisories & Alerts

Dropbox discloses breach after hacker stole 130 GitHub repositories

02 Nov 2022 - Security Advisories & Alerts