Phone : +91 9582 90 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Drupal releases correct four moderately critical third-party vulnerabilities

Drupal releases correct four moderately critical third-party vulnerabilities

Drupal this week issued a series of security releases to fix four “moderately critical” vulnerabilities, three related to the content management system’s Symfony PHP web application framework and a fourth involving the jQuery project JavaScript library.

The three Symfony issues consist of:

  • A cross-site scripting bug caused by the failure of validation messages in the PHP templating engine to escape (CVE-2019-10909)
  • A remote code execution vulnerability due to service IDs derived from unfiltered user input
  • A flaw potentially allowing attackers to modify the remember me cookie and authenticate as a different user.

These three problems, reported by PHP researcher Michael Cullum, were patched in Symfony itself, and repairs are also found in the newly released Drupal versions 8.6.15 and 8.5.15.

The same two new Drupal versions, plus also Drupal 7.66, have a fix for a cross-site scripting vulnerabilitythat researchers “dtv_rb” and “Jess” found in the jQuery project prior to its newest release, version 3.4.0.

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 9582 90 7788 | Support Number : +91-9654016484
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket