As you may recall, back in June, Checkmarx disclosed multiple cross-site scripting (XSS) vulnerabilities impacting Drupal Core, listed as CVE-2020-13663, followed by a more technical breakdown of the findings in late November. Today, we’re releasing details surrounding additional, new vulnerabilities (CVE-2020-13669) uncovered in Drupal Core as part of our continued research of the open source
Tag: Drupal security analysis
Earlier this year, the Checkmarx Security Research Team conducted an investigation of the new version of Drupal Core (Drupal 9) – a content management system (CMS) written in PHP – uncovering several interesting issues whose technical details are worth discussing openly. This article covers the technical facets of CVE-2020-13663 that were made public by Checkmarx
As part of our ongoing mission to help organizations develop and deploy more secure software and applications, and in light of Checkmarx’s expanded insight into the open source security landscape with its recently launched SCA solution, the Checkmarx Security Research Team analyzed Drupal, an open source content management system (CMS) and one of the top
In early April 2016, reports emerged detailing history’s largest data leak, the Panama Papers. This incredible leak of sensitive data concerning both Mossack Fonseca and their clients contained 2.6 TB of data which included 11.5 million documents relating to over 200,000 companies and exposed the hidden fortunes of politicians, dictators and the super-rich. In comparison to
Drupal is a free and open-source content management system (CMS) and content management framework (CMF) written in PHP and distributed under the GNU General Public License. It is used as a back-end system for at least 2.1% of all websites worldwide ranging from personal blogs to corporate, political, and government sites including whitehouse.gov and data.gov.uk. It is also used for knowledge management and business collaboration.