Drupal core – Moderately critical – Cross Site Scripting – SA-CORE-2021-003

Project: Drupal coreDate: 2021-May-26Security risk: Moderately critical 14∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:DefaultVulnerability: Cross Site ScriptingDescription: Drupal core uses the third-party CKEditor library. This library has an error in parsing HTML that could lead to an XSS attack. Solution: Install the latest version:If you are using Drupal 9.1, update to Drupal 9.1.9.If you are using Drupal 9.0, update to Drupal 9.0.14.If you are using Drupal 8.9, update to Drupal More info: https://www.drupal.org/sa-core-2021-003

Achieving Cyber Vigilance with Zero Trust

Federal government agencies are facing a cyber insurgency. The past year underscored the systemic vulnerability of our government. Security teams are facing increasingly sophisticated attacks – and they’re doing so in a remote work environment. In parallel with this, organizations are accelerating cloud adoption which expands the threat surface for cybercrime cartels and nation-state The post Achieving Cyber Vigilance with Zero Trust appeared first on Security & Compliance Blog. More info: https://blogs.vmware.com/security/2021/05/achieving-cyber-vigilance-with-zero-trust.html?utm_source=rss&utm_medium=rss&utm_campaign=achieving-cyber-vigilance-with-zero-trust

Achieving Cyber Vigilance with Zero Trust

Federal government agencies are facing a cyber insurgency. The past year underscored the systemic vulnerability of our government. Security teams are facing increasingly sophisticated attacks – and they’re doing so in a remote work environment. In parallel with this, organizations are accelerating cloud adoption which expands the threat surface for cybercrime cartels and nation-state The post Achieving Cyber Vigilance with Zero Trust appeared first on Security & Compliance Blog. More info: https://blogs.vmware.com/security/2021/05/achieving-cyber-vigilance-with-zero-trust.html?utm_source=rss&utm_medium=rss&utm_campaign=achieving-cyber-vigilance-with-zero-trust
Translate »