Drupal is an open source content management system (CMS) written in PHP. Multiple vulnerabilities have been reported in Drupal core versions 6, 7, and 8. These vulnerabilities include: access bypass within the Form API, HTTP header injection using line breaks, open redirect via path manipulation, brute force attacks via XML-RPC, file upload access bypass and denial of service. The most critical of these is the Form API access bypass affecting Drupal 6. Successful exploitation could allow an attacker to manipulate and submit input associated with form buttons that should normally be blocked for non-administrators.
- Drupal core 6.x versions prior to 6.38
- Drupal core 7.x versions prior to 7.43
- Drupal core 8.0.x versions prior to 8.0.4
Multiple vulnerabilities were discovered in Drupal core 6, 7 and 8. These vulnerabilities could allow unauthorized access. Specifically, the vulnerabilities are as follows:
- A file upload access bypass and denial of service vulnerability was found in the File module that allows a malicious user to view, delete or substitute a link to a file.
- Brute force amplification attacks via XML-RPC; the XML-RPC system allows a large number of calls to the same method at once.
- Open redirect via path manipulation in Drupal 6 and 7; the current path can be populated with an external URL, leading to an open redirect vulnerability.
- HTTP header injection using line breaks. A vulnerability in the drupal_set_header() function allows an HTTP header injection attack to be performed if user-generated content is passed as a header value on sites running PHP versions older than 5.1.2.
- Open redirect via double-encoded 'destination' parameter. The drupal_goto() function in Drupal 6 improperly decodes the contents of $_REQUEST['destination'] before using it, which allows the function's open redirect protection to be bypassed and allows an attacker to initiate a redirect to an arbitrary external URL.
- Reflected file download vulnerability that could allow an attacker to trick a user into downloading and running a file with arbitrary JSON-encoded content.
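As an added example (not Drupal core code, and not from the advisory), the kind of input validation the open redirect and header injection items above call for: a `destination` value is validated exactly as received, without a second URL decode, and header values containing CR or LF are refused. The function names and sample inputs are hypothetical and constructed for illustration.

```php
<?php
// Added example (not Drupal core code). Helper names are hypothetical.

/**
 * Return TRUE if $destination is safe to use as a local redirect target.
 * PHP has already URL-decoded $_REQUEST values once; decoding them again is
 * the drupal_goto() defect described above, so validate the value as received.
 */
function is_local_destination(string $destination): bool {
  // Reject anything that parses as an absolute URL with a scheme or host.
  $parts = parse_url($destination);
  if ($parts === false || isset($parts['scheme']) || isset($parts['host'])) {
    return false;
  }
  // Reject protocol-relative targets ("//host") and backslash variants
  // that some browsers normalise to "//".
  if (preg_match('#^[\\\\/]{2}#', $destination)) {
    return false;
  }
  // Reject control characters, including CR/LF, anywhere in the value.
  if (preg_match('/[\x00-\x1F\x7F]/', $destination)) {
    return false;
  }
  return true;
}

/**
 * Set a response header, refusing values that would let a user-supplied
 * string inject extra header lines (the drupal_set_header() issue above;
 * PHP >= 5.1.2 rejects these in header() itself, this check is explicit).
 */
function set_header_safely(string $name, string $value): bool {
  if (preg_match('/[\r\n]/', $name . $value)) {
    return false;
  }
  header($name . ': ' . $value);
  return true;
}

// Constructed sample inputs for a quick self-check (run with zend.assertions=1).
$samples = [
  'node/1'                    => true,
  'http://evil.example/'      => false,
  '//evil.example/'           => false,
  '%2F%2Fevil.example'        => true,  // stays a relative path unless decoded again
  "node/1\r\nSet-Cookie: x=y" => false,
];
foreach ($samples as $input => $expected) {
  assert(is_local_destination($input) === $expected);
}
```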
- If you use Drupal 6.x, upgrade to Drupal core 6.38
- If you use Drupal 7.x, upgrade to Drupal core 7.43
- If you use Drupal 8.0.x, upgrade to Drupal core 8.0.4