There’s a cybersecurity risk in CMS Drupal that could leave nearly 1 million websites prone to a cyber attack. CMS Drupal is a free and open source content management framework that is written in PHP. Now, the team that designed Drupal is urging administrators to update their sites to ward off the bug.
Reports claim that the nasty bug could highly compromise these 1 million sites. The affected versions are Drupal 6, 7 and 8 and it has sited that this is a highly critical cybersecurity risk. It warns that nearly anyone visiting the site can easily hack into it.
In a blog post, the Drupal group said, “This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.”
In fact, an alert was sent last week about a “highly critical release” that would be released this weekend and that website admin should update it immediately. This left the developers and administrators on high alert.
The group has identified the bug as CVE-2018-7600. However, users on various social media are calling it drupalgeddon2 in reference to the major release from Drupal way back in 2014. Drupal has warned the websites to update to Drupal 7.58 or Drupal 8.5.1 as soon as possible to avoid any attack.
Kunal Shah’s CRED valued at $4 billion following new $251 million funding New
BhartiAirtel to invest $673 million in its Nxtra data center expansion
Chinese self-driving firm DeepRoute.ai raises $300 million in funding from Alibaba and others
Google fined $177 million by South Korea for blocking Android customization
Indian Startup Dukaan raises $11 million to enable merchants set-up online stores
© 2021 CIO Bulletin. All rights reserved.