Drupal Patches Flaw Exploited in Spam Campaigns

Drupal security updates released on Wednesday address several vulnerabilities, including one that has been exploited in spam campaigns.

The flaw exploited in the wild, patched with the release of Drupal versions 7.56 and 8.3.4, is a moderately critical access bypass vulnerability tracked as CVE-2017-6922.

read more

Article Link: http://feedproxy.google.com/~r/Securityweek/~3/pRyFf5gxdxg/drupal-patches-flaw-exploited-spam-campaigns