Drupal Vulnerable to Cross-Site Scripting and SQL Injection Attacks

The hugely popular open-source content-management system, Drupal, contains bibliography, recipe, and job search modules that can allow intruders to perform cross-site scripting and SQL injection attacks. The vulnerabilities are the result of input not being sanitized properly. The developers of Drupal have released new versions to correct the problems

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish