Drupal Security Issue SA-CONTRIB-2017-38

by CIRT Team

Description: The Drupal security team has discovered a critical vulnerability in a third-party module named References. Although this module is no longer maintained, it is currently used within over 120,000 installations.

Impact:  The Drupal security team did not disclose the technical details about the vulnerability in order to avoid the exploitation of the flaw in the wild.

Mitigation: As per drupal.org official page information, if you use the References module for Drupal you should uninstall it.

Reference URL’s:

• https://www.drupal.org/node/2869138
• http://securityaffairs.co/wordpress/58136/hacking/drupal-references-module-flaw.html

CIRT Team

Recommended Posts

Active Exploitation of Critical F5 BIG – IP Vulnerability (CVE–2023-46747) Uncovered in Bangladesh

06 Nov 2024 - Security Advisories & Alerts

Emerging Threat_Stealer Malware (Lumma C2) Campaign with fake CAPTCHA pages

08 Oct 2024 - Security Advisories & Alerts

Detection of Fog Ransomware Footprint in Cyber Space of Bangladesh

12 Sep 2024 - Security Advisories & Alerts