Drupal New Security Update to Core Addresses Access Bypass Vulnerability

Staff Reporter

Drupal has released a new security update to Drupal core. The update is classified as moderately critical. The core security releases address an access bypass vulnerability. The alert was released on 19th.

According to the release, all Drupal 7 sites on Windows web servers are vulnerable. Drupal 7 sites on Linux web services are vulnerable with certain file directory structure. Drupal 9 and 10 sites are vulnerable only if certain contributed or custom file access modules are installed.

Following are the available solutions:

Drupal 10.0 - update to Drupal 10.0.8.
Drupal 9.5 - update to Drupal 9.5.8.
Drupal 9.4 - update to Drupal 9.4.14.
Drupal 7 - update to Drupal 7.96.

Click here to know more about the new release.

Click here to follow us on LinkedIn

Comment

Note: The vision of this web portal is to help promote news and stories around the Drupal community and promote and celebrate the people and organizations in the community. We strive to create and distribute our content based on these content policy. If you see any omission/variation on this please let us know in the comments below and we will try to address the issue as best we can.

Security Update