Information about vulnerability in the Drupal content management system

Vulnerability in the Drupal content management system

The ACSC has become aware of a critical vulnerability in the Drupal content management system. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.

Drupal assesses this vulnerability as critical. If you are using a version of Drupal prior to 7.58 or 8.51, the ACSC recommends that you upgrade immediately as per Drupal's advice.
Was this information helpful?

Thanks for your feedback!

 
Optional

Tell us why this information was helpful and we’ll work on making more pages like it

Icon for Report Report a cyber security incident for critical infrastructure Icon for becoming a alerts Get alerts on new threatsAlert Service Icon for becoming a partner Become anACSC partner Icon for reportingReport a cybercrime or cyber security incident
Authorised by the Australian Government, Canberra