Critical severity is coming to Acunetix Standard & Premium. Find out more on our blog.

WEB APPLICATION VULNERABILITIES Standard & Premium

Drupal Core 8.8.0 Denial of Service (8.8.0 - 8.8.0)

Description

Drupal Core is prone to a denial of service vulnerability. Exploiting this issue may allow an attacker to abuse install.php, which can cause cached data to become corrupted, thus causing a site to be temporarily impaired. Drupal Core version 8.8.0 is vulnerable.

Remediation

Update to Drupal Core version 8.8.1 or latest

References

https://www.drupal.org/sa-core-2019-009

Related Vulnerabilities

WordPress Plugin WebLibrarian Cross-Site Scripting (3.4.8.6)

WordPress Plugin LearnPress-WordPress LMS Security Bypass (3.2.6.8)

WordPress Plugin WP Cost Estimation & Payment Forms Builder Multiple Vulnerabilities (9.642)

WordPress Plugin myTreasures Cross-Site Scripting (2.4.10)

WordPress Plugin WP Custom Admin Interface PHP Object Injection (7.28)

Severity

High

Classification

CWE-400 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L

Tags

Missing Update Denial Of Service