Critical update on Drupal SQL injection exploit

This Public Service Announcement is a follow up to SA-CORE-2014-005 – Drupal core – SQL injection. This is not an announcement of a new vulnerability in Drupal. You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is 7 hours after the announcement.

Read Drupal Security Advisory here – https://www.drupal.org/PSA-2014-003

Leave a Comment

Your email address will not be published.

Scroll to Top