jQuery Object.prototype Pollution Cross-Site Scripting Vulnerability [CVE-2019-11358]

CVE Number – CVE-2019-11358 A vulnerability in jQuery as used in multiple products could allow an unauthenticated, remote attacker to

Read more

Drupal PHP Templating Engine Cross-Site Scripting Vulnerability [CVE-2019-10909]

CVE Number – CVE-2019-10909 A vulnerability in Drupal could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS)

Read more

Drupal Service IDs Validation Arbitrary Code Execution Vulnerability [CVE-2019-10910]

CVE Number – CVE-2019-10910 A vulnerability in Drupal could allow an authenticated, remote attacker to execute arbitrary code on a

Read more

Drupal Core – Cross Site Scripting

Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting

Read more

Drupal Core – Multiple Vulnerabilities

Advisory ID: DRUPAL-SA-CORE-2018-006 Project: Drupal core Version: 7.x, 8.x Date: 2018-October-17 Drupal has released security updates addressing multiple vulnerabilities in Drupal

Read more

Kitty Cryptocurrency Miner

An advanced cryptocurrency miner called Kitty has been observed exploiting the Drupal remote code execution vulnerability better known as Drupalgeddon

Read more
%d bloggers like this: