The Drupal CMS team has fixed a highly critical security flaw that allows hackers to take over a site just by accessing an URL. Drupal site owners should immediately —and we mean right now— update ...

Drupal has issued a security update which resolves three security flaws, two of which are deemed critical. Earlier this week, the open-source website content management system (CMS) released a ...

Drupal has released a security update to address a critical vulnerability in a third-party library with documented or deployed exploits available in the wild. "The Drupal project uses the pear Archive ...

Drupal has released its February patch update with fixes for 10 vulnerabilities, including several which allow attackers to execute code remotely and access website elements which should be blocked.

Drupal issued a security advisory of four critical vulnerabilities rated from moderately critical to critical. The vulnerabilities affect Drupal versions 9.3 and 9.4. The security advisory warned that ...

Drupal announced two vulnerabilities affecting versions 9.2 and 9.3 that could allow an attacker to upload malicious files and take control of a site. The threat levels of the two vulnerabilities are ...

If you’re responsible for one of the 700,000 websites running Drupal 7 right now, you’ll have heard about the big change coming to Drupal. The release of Drupal 9 and the subsequent withdrawal of ...

Drupal, the popular open-source content management system used by hundreds of thousands of blogs and websites, has reset the passwords of its Drupal.org users following a data security breach of the ...

Poor input validation makes previous versions of Drupal vulnerable. If the conditions are right, attackers can execute malicious code in the victim's web browser via compromised websites created with ...

The Drupal Association explained in a notice that hackers were able to get into the system via a known vulnerability inside third-party software that was installed on the Drupal.org server ...