Drupal Critical Vulnerabilities Exploit (SA-CORE-2018-002)

Submitted by dryer on Wed, 03/28/2018 - 18:09

Drupal is a content management system often used for Enterprise Content Management Projects. The tool is large and has integrated features such as a database entity system, which leaves it open to lots of attack vectors because of the large API surface.Without a central authority like Acquia handling security updates, things can be difficult to patch and there will be vulnerable installs as was the case with Drupalgeddon in 2014.