Drupal (Core) Data Breach
Drupal (Core) experienced a data breach that was reported on March 25, 2022. In Drupal Core, some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases.
Key Facts
- Organization
- Drupal (Core)
- Date Reported
- March 25, 2022
- Incident Type
- web app exploit
- Industry
- Technology
- Severity Score
- 5/10
- Confidence Level
- high
- Tags
Source
View original source - External link to primary source documentation
Understanding web app exploit Incidents
Web application exploits target vulnerabilities in websites and APIs. Secure development practices, WAFs, and penetration testing protect against these attacks.