Drupal Releases Security Update to Address Vulnerability in Private Taxonomy Terms

Original release date: January 12, 2023

Drupal has released a security update to address a vulnerability affecting private vocabulary modules for Drupal 8.x. An unauthorized user could exploit this vulnerability to bypass access permissions to create, modify, and delete private vocabulary terms.

CISA encourages users and administrators to review Drupal’s security advisory SA-CONTRIB-2023-001 and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.

Source link

admin

Next CISA Releases Twelve Industrial Control Systems Advisories »

Previous « Juniper Networks Releases Security Updates for Multiple Products

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of…

4 hours ago

JCDC’s Industry-Government Collaboration Speeds Mitigation of CrowdStrike IT Outage

CISA, through the Joint Cyber Defense Collaborative (JCDC), enabled swift, coordinated response and information sharing…

1 day ago

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems (ICS) advisories on October 29, 2024. These advisories provide…

2 days ago

Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments

CISA has received multiple reports of a large-scale spear-phishing campaign targeting organizations in several sectors,…

3 days ago

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems (ICS) advisories on October 31, 2024. These advisories provide…

4 days ago

Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation

Fortinet has updated their security advisory addressing a critical FortiManager vulnerability (CVE-2024-47575) to include additional…

5 days ago

This website uses cookies.