Critical vulnerabilities in the one of Drupal plugin were tracked, which could be exploited by attackers to take complete control of the affected Drupal site. An Attacker can use this bug to hack the Drupal website by using a specially crafted “X-Original-URL” or “X-Rewrite-URL” HTTP header.
Drupal’s maintenance staff solved the security bypass vulnerability by releasing a new version of the popular content management system version 8.5.6.
CVE-2018-14773
Affected version
Symfony 2.7.0 to 2.7.48, 2.8.0 to 2.8.43, 3.3.0 to 3.3.17, 3.4.0 to 3.4.13, 4.0.0 to 4.0.13 and 4.1.0 to 4.1.2
Drupal 8.x versions before 8.5.6
Unaffected version
Symfony 2.7.49, 2.8.44, 3.3.18, 3.4.14, 4.0.14 and 4.1.3
Drupal 8.5.6
Solution
Upgrade to the unaffected version.
This post has received a 3.13 % upvote from @drotto thanks to: @alanna27.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Thank`s to @drotto
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Congratulations @alanna27! You have completed the following achievement on Steemit and have been rewarded with new badge(s) :
Award for the number of comments
Click on the badge to view your Board of Honor.
If you no longer want to receive notifications, reply to this comment with the word
STOP
Do not miss the last post from @steemitboard:
SteemitBoard and the Veterans on Steemit - The First Community Badge.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit