Published On: Sep 23, 2024 07:57
Advisory No: TZCERT-SA-24-0027
Source: Drupal
Software Affected: Smart IP Ban
Drupal CMS is vulnerable to a critical vulnerability. A remote attacker can exploit the vulnerability to bypass security control.
Drupal’s Smart IP Ban is affected by a critical vulnerability. The flaw results from insufficient protection access by the module to certain paths provided by the module allowing a malicious user to view and modify the settings.
Successful exploitation of this vulnerability may allow the attacker to bypass access control.
Drupal has released security patches for this vulnerability. Users and administrators are encouraged to apply necessary updates.
A digest of Tanzania Computer Emergency Response Team coverage of cyber-security news across the globe.
