Select Page

It’s time to update your Drupal websites.

Drupal, the popular open-source content management system, has released a new version of its software to patch a security bypass vulnerability that could allow a remote attacker to take control of the affected websites.

The vulnerability, tracked as CVE-2018-14773, resides in a component of a third-party library, called Symfony HttpFoundation component, which is being used in Drupal Core and affects Drupal 8.x versions before 8.5.6.

images from Hacker News